P.S. Unix / Windows Interoperability
mgeddes at tellurian.com.au
Thu Dec 5 12:29:42 CST 2002
On Thu, 2002-12-05 at 10:36, Adam Smith wrote:
> It seems that my current ideal setup looks like the following:
> WINDOWS: Windows 2000 ActiveDirectory domain containing users and
When you install AD, you'll probably want to allow NT 4.0 machines to
join the domain. Samba can apparently join an active directory, but I've
never tried it.
> UNIX: PAM_NTDOM to allow Unix systems to authenticate against
> an NT Domain.
As long as by PAM_NTDOM, you mean the winbind pam module, that should be
OK. The original pam_ntdom module was full of holes and has been
unmaintained for a couple of years now.
> SAMBA: SAMBA possibly using XFS, which supports ACLs
Or you could use ext2/ext3 with the ACL patch. BTW, ext2/ext3 ACLs made
it into the 2.5.x kernel series (yay!).
> Suddenly, it seems so simple. At least for testing. It'll still take a
> great deal of testing and running in yet :-)
Simple, errr, yes. Couldn't be, ummm, easier.....
It shouldn't be too bad :-)
> I'll keep the list posted as to my progress, because I'm still a little
> nervous about taking this venture ;)
A few more suggestions:
* Set up a test environment first, so that you can see how the pieces
fit together (BTW, you'll need a hammer) and you shouldn't go too far
* Keep your eye on the logs (log.nmbd and log.smbd in particular)
* Having a line in your smb.conf like:
log file = /var/log/samba/log.%m
Is really cool. It creates a different log file for each machine it
deals with. So if you're having problems with machine \\FOO, you could
look in /var/log/samba/log.foo.
* Compile the latest Samba from source, if you're confident.
* RTFMailing lists. Particularly the samba-ntdom list, if it's still in
existence. The generic samba list is good too.
If you get stuck, feel free to send a detailed message outlining your
problem to the list and I'm sure someone will offer suggestions. Some
might even be helpful :-). Feel free to contact me off list if you get
As I mentioned before, there's also companies that will set this stuff
up for you (or give assistance) that are based in Adelaide, should you
get *really* stuck.
Hope it helps,
LinuxSA WWW: http://www.linuxsa.org.au/ IRC: #linuxsa on irc.openprojects.net
To unsubscribe from the LinuxSA list:
mail linuxsa-request at linuxsa.org.au with "unsubscribe" as the subject
More information about the linuxsa