I am trying to test a solution of integrating my Debian 6 Squeeze machine in an Active Directory domain.
I dit it with libnss-ldap.conf & ldap.conf
Now, I want to authenticate other users from different domain which I manage. Can you give me the solution?
I tried Global Catalog by adding a new line in ldap.conf with the port number 3268 but it isn't work. There is someone who can help me to do this.
Thank you a lot
Are you using samba at all?
Is mapping of specific uid/gid to users important? What is the OS of the active directory server? Are you planning to use UNIX components for Windows?
(http://technet.microsoft.com/en-us/library/cc731178.aspx)
If so configure your samba.cfg shown here.
"[global]
realm = WORKGROUP
workgroup = WORKGROUP
security = ADS
winbind enum users = Yes
winbind enum groups = Yes
idmap config WORKGROUP:backend = ad
idmap config WORKGROUP:range = 20000-40000000
idmap config WORKGROUP:schema_mode = rfc2307
winbind nss info = rfc2307
winbind expand groups = 2
winbind nested groups = yes
winbind use default domain = Yes
idmap gid = 10000-20000
idmap uid = 10000-20000
kerberos method = secrets and keytab
template homedir = /home/%D/%U
template shell = /bin/bash
usershare allow guests = No
winbind refresh tickets = yes"
Once your samba config is set are you using authconfig to attach to the active directory server?
Options for authconfig use only the ones you need
"authconfig
--update
--kickstart
--enablewinbind
--enablewinbindauth
--smbsecurity=ads
--smbworkgroup=$ADSWorkgroup
--smbrealm=$ADSDomain
--smbservers=$ADSServer
--winbindjoin=$AdminUser
--winbindtemplatehomedir=/home/%U
--winbindtemplateshell=/bin/bash
--enablewinbindusedefaultdomain
--enablelocauthorize"
