Wednesday, October 21, 2009

Joining Ubuntu to a Windows 2003 Domain

Tripped over the following post on joining Ubuntu to a Windows 2003 Domain:
http://ubuntu-virginia.ubuntuforums.org/showpost.php?p=5712234&postcount=6



I'll re-post the item below in case the original goes missing, but credit to Abhishek (abhi300) on the Ubuntu forums.
********************* SNIP *******************

Step 1. Installing


I assume that Ubuntu has been installed with no errors.


Make sure that the following packages are installed; if not, install them with the Synaptic Package Manager. You may need to specify “universe” as an extra source for packages.


* Samba (version 3):
  o samba
  o samba-common (installed by default)
  o smbclient (installed by default)
  o winbind
* Kerberos:
  o krb5-config
  o krb5-user


Step 2. Edit configuration files


Edit the following configuration files. I assume the following:


* The local DNS domain is example.com
* The Windows 2003 server is server.example.com


Open this file "/etc/samba/smb.conf" for editing either in GUI mode or by gedit.


You will need to edit this file to look like the following:


[global]
security = ADS
realm = EXAMPLE.COM
workgroup = example
password server = server.example.com
wins support = no
wins server = 10.0.20.202
invalid users = root
# Winbind settings
idmap uid = 10000-20000
idmap gid = 10000-20000
# For testing
debuglevel = 2


# A shared folder for testing purposes
[SharedFolder]
path = /home/onno2/Shared_Folder
available = yes
public = yes
writable = yes
force create mode = 0666
force directory mode = 0777


Make sure the path (/home/onno2/Shared_Folder or whatever you choose) exists and that the rights are set properly (chmod 777 or something similar)




Open this file "/etc/krb5.conf" for editing and make it look like this:


[libdefaults]
    default_realm = EXAMPLE.COM
    krb4_config = /etc/krb.conf
    krb4_realms = /etc/krb.realms
    kdc_timesync = 1
    ccache_type = 4
    forwardable = true
    proxiable = true
    # The following libdefaults parameters are only for Heimdal Kerberos.
    v4_instance_resolve = false
    v4_name_convert = {
        host = {
            rcmd = host
            ftp = ftp
        }
        plain = {
            something = something-else
        }
    }
[realms]
    EXAMPLE.COM = {
        kdc = SERVER.EXAMPLE.COM
        admin_server = SERVER.EXAMPLE.COM
    }
[domain_realm]
    # Map the DNS domain (example.com) to the Kerberos realm (EXAMPLE.COM)
    .example.com = EXAMPLE.COM
    example.com = EXAMPLE.COM
[login]
    krb4_convert = true
    krb4_get_tickets = true


Now open "/etc/nsswitch.conf" for editing.


The only change we have to make here is to add winbind twice.


# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
passwd: compat winbind
group: compat winbind
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis


Now that you are done editing the files... take a breath.


Step 3. Start or restart services




/etc/init.d/samba restart
/etc/init.d/winbind restart


Step 4. Join domain


Type in a terminal: "net ads join -U administrator" without quotes. Needless to mention, you will need to give the administrator password here.


If this doesn’t work, check the logs in Linux (/var/log/samba/*) and in Windows - Event Viewer.


Step 5. Test your setup


Type in a terminal (without quotes):


"testparm" to check if your smb.conf has a correct syntax.
"kinit onno@EXAMPLE.COM" to test if Kerberos works properly.
"wbinfo -u" should give a list of users of domain.
"wbinfo -g" should give a list of groups of domain.
"getent passwd" should give a list of users in the passwd style.
"getent group" should give a list of groups.
"ls -ltr /var/log/samba" gives a list of log files, sorted by time of last change.
"smbclient -L -U onno" should give you a list of available shares.


If this all works properly, try to access the share (/home/onno2/Shared_Folder) from any Windows machine in the domain by using Network Neighborhood / My Network Places.
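

The [SharedFolder] test share from Step 2 is both guest-accessible (public = yes) and writable, and it forces 0666/0777 modes on everything created in it. The following audit is an added example, not part of the original forum post or of Samba itself: it parses share sections and flags those settings. The function name audit_shares and the hardened variant (including the "Domain Users" group restriction) are assumptions constructed for illustration.

```python
import configparser

# Constructed input: the [SharedFolder] test share from Step 2 of the post.
POSTED = """
[SharedFolder]
path = /home/onno2/Shared_Folder
available = yes
public = yes
writable = yes
force create mode = 0666
force directory mode = 0777
"""

# Constructed hardened variant (assumption): domain users only, no "other" bits.
HARDENED = r"""
[SharedFolder]
path = /home/onno2/Shared_Folder
valid users = @"EXAMPLE\Domain Users"
guest ok = no
read only = no
force create mode = 0660
force directory mode = 0770
"""

YES = {"yes", "true", "1"}

def audit_shares(text):
    """Return (share, finding) pairs for guest-writable or world-writable shares."""
    cp = configparser.RawConfigParser(strict=False)
    # smb.conf lines are often indented; strip so they are not read as continuations.
    cp.read_string("\n".join(line.strip() for line in text.splitlines()))
    findings = []
    for share in cp.sections():
        if share.lower() == "global":
            continue
        opts = {k: v.strip().lower() for k, v in cp.items(share)}
        # "public" is a synonym for "guest ok"; "writable" is the inverse of "read only".
        guest = opts.get("guest ok", opts.get("public", "no")) in YES
        writable = (opts.get("writable", opts.get("writeable", "no")) in YES
                    or opts.get("read only", "yes") not in YES)
        if guest and writable:
            findings.append((share, "guest ok + writable: guest sessions get write access"))
        for key in ("force create mode", "force directory mode"):
            if int(opts.get(key, "0"), 8) & 0o002:  # "other" write bit
                findings.append((share, f"{key} = {opts[key]} is world-writable"))
    return findings

if __name__ == "__main__":
    for share, finding in audit_shares(POSTED):
        print(f"[{share}] {finding}")
```

Run it against the share sections of /etc/samba/smb.conf once testing is finished; the test share should either be removed or restricted before the machine stays joined to the domain.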