poptop_ads_howto_5.htm 2.9 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071
  1. <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
  2. "http://www.w3.org/TR/html4/loose.dtd">
  3. <html>
  4. <head>
  5. <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
  6. <title>Poptop MSCHAP2 ADS Howto</title>
  7. </head>
  8. <body>
  9. <p><strong>8. Samba
  10. </strong></p>
  11. <p>FC5 comes with samba v3.0.21b and FC6 has version 3.0.32c. The current samba RPM version from <em>yum</em> at the time of writing for FC5 is v3.0.23c. It is highly recommended to use the latest version. </p>
  12. <p>The required RPM packages for samba in Fedora are <em>samba, samba-client, samba-common</em>. Install through <em>yum</em> if any of them is missing. </p>
  13. <blockquote>
  14. <pre>[root@pptp ~]# yum install samba samba-common samba-client</pre>
  15. </blockquote>
  16. <p><strong>Note: </strong>
  17. Information on Samba and FC4 can be found in <a href="poptop_ads_howto_a2.htm#samba">Appendix A3</a>.</p>
  18. <hr>
  19. <strong><a name="smbconf"></a>8.1 Configure Samba</strong>
  20. <p>No matter you choose to use winbind or freeradius to connect to Active Directory, you will have to configure samba properly. The configuration file of samba is in /etc/samba and is called smb.conf. The file should have at least the following lines. </p>
  21. <blockquote>
  22. <pre>[global]
  23. # define the netbios name of the domain
  24. <strong>workgroup = EXAMPLE</strong>
  25. # define the pptp server netbios name
  26. <strong>netbios name = PPTPDSVR</strong>
  27. # define the AD domain name
  28. <strong>realm = EXAMPLENET.ORG</strong>
  29. # server description
  30. server string = pptpd Server
  31. # printer stuff
  32. printcap name = /etc/printcap
  33. load printers = no
  34. cups options = raw
  35. # log file stuff
  36. log file = /var/log/samba/%m.log
  37. max log size = 50
  38. # must set to ads
  39. <strong>security = ads</strong>
  40. # address of domain controller
  41. <strong>password server = 10.0.0.1</strong>
  42. # enable encrypt passwords
  43. <strong>encrypt passwords = yes</strong>
  44. # default socket options setting on older samba. It is not defined in v3.0.23c
  45. ;socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  46. # not to be a master browser
  47. domain master = no
  48. preferred master = no
  49. # address of the WINS server
  50. <strong>wins server = 10.0.0.1</strong>
  51. dns proxy = no
  52. # require this line to join the domain in older samba
  53. # I don't need this for samba v3.0.23
  54. <strong>;client use spnego = yes</strong>
  55. # winbind stuff
  56. <strong>idmap uid = 50001-550000
  57. idmap gid = 50001-550000
  58. winbind separator = +
  59. winbind nested groups = Yes
  60. winbind enum users=yes
  61. winbind enum groups=yes</strong>
  62. template shell = /bin/false
  63. winbind use default domain = no</pre>
  64. </blockquote>
  65. <p>The lines in bold are the important ones that you should pay attention to. Execute &quot;testparm&quot; to check the configuration. Correct any errors before proceeding to the next step.</p>
  66. <hr>
  67. <a href="poptop_ads_howto_6.htm">Next</a> &nbsp;&nbsp;<a href="poptop_ads_howto_4.htm">Previous</a>&nbsp;&nbsp;<a href="poptop_ads_howto_1.htm#toc">Content</a>
  68. <p>&nbsp; </p>
  69. </body>
  70. </html>