Winbind = using Windows ADS Accounts to login

[Strabo]

This post is to show you how to use Windows ADS accounts to login to your Linux server instead of manually making seperate Linux local accounts. The reason I did this is because some of our clients wanted to use sftp and the easiest way to manage all the different accounts for each client is creating OU's in Active Directory Services in Windows. This document will work with Windows 2000 or 2003 ADS.

 

Winbind is integrated with Samba and will require you to configure Samba and PAM for this operation to work succesfully. Lets get started :)

 

Step 1:

 

Lets backup your smb.conf file incase you make a mistake you can start over

 

Code:

cp /etc/samba/smb.conf /etc/samba/smb.bak

 

Step 2:

 

Now its time to edit your smb.conf file

 

Code:

vi /etc/samba/smb.conf

 

Step 3:

 

Now enter in the following below. You can delete the contents of your orginal smb.conf file as this will replace everything in there.

 

You will have to change the following lines to your configuration:

 

workgroup =

[Strabo]

I forgot to mention that you should login to the Linux server locally first so it can create your home directory (it makes you check ok to the popup). If you try to ssh to the box remotely the first time you login to the server it will authenticate then the ssh session will close (fails to make the home directory is the cause of the problem). I tested this with putty.exe. If I find a fix I will post it. Once you login locally with your Windows ADS account you can then login via ssh with no problems.

 

Strabo

[soumalya]

sir

 

thanks for ur valuable topic.

 

as u stated i configured centos 5.

 

smb.conf, krb5.conf, system_auth,login.

 

i got same reply when i use

wbinfo -a central.edu+user%password

but i cant log my linux server using central.edu+user

 

pls solve my prob.

 

thanks again