Table of Contents
Advertisement
Chapter 14. Samba
[public]
comment = Data
path = /export
force user = docsbot
force group = users
guest ok = Yes
[printers]
comment = All Printers
path = /var/spool/samba
printer admin = john, ed, @admins
create mask = 0600
guest ok = Yes
printable = Yes
use client driver = Yes
browseable = Yes
3.2. Domain Member Server
A domain member, while similar to a stand-alone server, is logged into a domain controller
(either Windows or Samba) and is subject to the domain's security rules. An example of a
domain member server would be a departmental server running Samba that has a machine
account on the Primary Domain Controller (PDC). All of the department's clients still
authenticate with the PDC, and desktop profiles and all network policy files are included. The
difference is that the departmental server has the ability to control printer and network shares.
3.2.1. Active Directory Domain Member Server
The following
smb.conf
Directory domain member server. In this example, Samba authenticates users for services
being run locally but is also a client of the Active Directory. Ensure that your kerberos
parameter is shown in all caps (for example
2000/2003 requires Kerberos for Active Directory authentication, the
If Active Directory and Kerberos are running on different servers, the
directive may be required to help the distinction.
[global]
realm = EXAMPLE.COM
security = ADS
encrypt passwords = yes
# Optional. Use only if Samba cannot determine the Kerberos server
automatically.
password server = kerberos.example.com
In order to join a member server to an Active Directory domain, the following steps must be
completed:
254
file shows a sample configuration needed to implement an Active
realm = EXAMPLE.COM
realm
). Since Windows
directive is required.
realm
password server
Advertisement
Table of Contents
