SADMS 2 2.0.16
Samba as Active Directory Member Server/Station
As a domain member, the Linux host
· can offer resources (shares) to the domain hosts and act as a domain server.
· offloads authentication to the domain (controllers), making it unnecessary to add local user accounts for domain users
SADMS was designed for use by administrators and takes care of the gory details of configuring a Linux host as an Active Directory (Windows 200x) Domain, an operation that involves modifying a number of arcane configuration files.
The Linux host, running on Samba 3, though not an Active Directory controller, operates as a member of the domain and, as such, refers to controllers for user authentication. No local accounts for Active Directory members are needed.
Communication with Active Directory controllers is carried out through Kerberos and LDAP (not the NT LAN Manager protocols).
Optionally, PAM can be configured to accept domain users for local interactive sessions on the host, whicn then acts as a workstation.
- configuring Kerberos
- configuring Winbind
- configuring Samba
- configuring the Name Switch Service
- optionally configuring PAM
- synchronizing clocks
- joining the server to the Active Directory Domain
- building home directories with the proper file permissions
- making the users' homes and shares
- making advanced group shares
- configuring the start of the daemons
- installing PAM modules
- managing ACLs