From owner-freebsd-current@FreeBSD.ORG Wed Jan 28 13:33:11 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0693E16A4CE for ; Wed, 28 Jan 2004 13:33:11 -0800 (PST) Received: from bragi.housing.ufl.edu (bragi.housing.ufl.edu [128.227.47.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id B616A43D48 for ; Wed, 28 Jan 2004 13:33:07 -0800 (PST) (envelope-from WillS@housing.ufl.edu) content-class: urn:content-classes:message MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-MimeOLE: Produced By Microsoft Exchange V6.0.6249.0 Date: Wed, 28 Jan 2004 16:33:06 -0500 Message-ID: <0E972CEE334BFE4291CD07E056C76ED8DB373A@bragi.housing.ufl.edu> X-MS-Has-Attach: X-MS-TNEF-Correlator: Thread-Topic: nss_winbind support Thread-Index: AcPkVSQDfIUVU/P4ROa3qB+QTc+rIQBkIT+Q From: "Will Saxon" To: "Tim Aslat" cc: current@freebsd.org Subject: RE: nss_winbind support X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Jan 2004 21:33:11 -0000 > > I may have just missed it but there doesn't seem to be a lot of > > information available on how to set Samba 3 up under FreeBSD 5.x to > > use nss_winbind and pam_winbind. What information I have=20 > found doesn't > > seem to work, maybe because it focuses on joining the domain as an > > NT-style domain member vs. Active Directory-style membership. >=20 > Sorry I can't help with this one, still working it out myself.=20 >=20 > I have had it working previously with rpc but not ads. Just a followup, in case anyone else cares.. This problem has been = worked on and may be fixed in the samba CVS tree as of the 7th of this month. = It should be in the latest release candidate that has been posted recently. You have to copy the libnss_winbind.so module from = samba/source/nsswitch/ into /usr/lib and make symlinks to libnss_winbind.so.1 and perhaps nss_winbind.so.1 and nss_winbind.so.2 (or so I read). I am now able to assign microsoft domain user/group permissions on files and directories and presumably I will be able to replace our fileserver with a samba3 machine which participates in the Active Diretory and uses kerberos=20 authentication, etc. Very happy about this.... -Will