[TriLUG] AIX Samba to Active Directory

Matt Pusateri mpusateri at wickedtrails.com
Wed Sep 7 16:18:47 EDT 2005 

on Wed, September 7, 2005 4:03 pm, Byarlay, Wayne A. said:
> Greetings all, I hate to be off-topic but I have a burning question,
> and
> users are hot. Unfortunately my experience in this area is not totally
> expert level.
>
> I have an AIX machine with Samba. Not sure what version of either,
> sorry. But I need its samba shares to be authenticating against an
> active directory.
>
> Currently, they are authenticating against an NT domain (Yech!), but I
> am wondering if the change-over is really as simple as changing the
> smb.conf file, or are there broader implications?
>
> Also, will I have to create a new smb password file for the new
> username
> that I'd be using to map to this samba share?
>
> Currently, the upper section of my smb.conf file looks like this(Some
 settings changed to protect the guilty):
>
>    path = /usr/opt/freeware/apache/share/htdocs
>    printing = aix
>    printcap name = /usr/local/etc/printcap
>    load printers = yes
>    guest account = nobody
>    invalid users = root
>    preserve case = yes
>    case sensitive = yes
>    workgroup = OLD_NT_DOMAIN
>    interfaces = 666.666.666.666/255.255.255.0/127.0.0.1
>    wins server = 666.666.666.666
>    security = server
>    password server = name_of_old_nt_domain_controller
>    username map = /etc/smbusers
>    os level = 0
>    local master = no
>    preferred master = no
>    log level = 1 #2
> #   log file = /var/adm/log/log.%m  #use this one to create logs for
> specific machines
>    log file = /var/adm/log/log.smbd
>    hosts allow = <a subnet>.
>    hosts deny = ALL
>
> Any info on this at all (Including some RTFM URLs) would be highly
> appreciated. Thanks a million zillion in advance, assuming anybody
> responds, TRILUG.
>
> wab
> --
> TriLUG mailing list        :
> http://www.trilug.org/mailman/listinfo/trilug
> TriLUG Organizational FAQ  : http://trilug.org/faq/
> TriLUG Member Services FAQ : http://members.trilug.org/services_faq/
> TriLUG PGP Keyring         : http://trilug.org/~chrish/trilug.asc
>
>

Wayne,

Have a look at the samba docs, in particular the howto and samba by
example.

http://us1.samba.org/samba/docs/

You will have the greatest success if you are on a later version on
samba 3 as the samba team has made more recent efforts with Samba and
AD.  You will have to get kerberos running.  Also there is a
smbusermap config variable that will allow you to specify a file to
due looksups from aix users to AD users.

I haven't had to auth to AD yet, but there are plenty of resources out
there on how to do it (although probably from linux not aix)


Matt P.

More information about the TriLUG mailing list