1<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" 2"http://www.w3.org/TR/html4/loose.dtd"> 3<html> 4<head> 5<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1"> 6<title>Poptop MSCHAP2 ADS Howto</title> 7</head> 8 9<body> 10<p><strong>8. Samba 11</strong></p> 12<p>FC5 comes with samba v3.0.21b and FC6 has version 3.0.32c. The current samba RPM version from <em>yum</em> at the time of writing for FC5 is v3.0.23c. It is highly recommended to use the latest version. </p> 13<p>The required RPM packages for samba in Fedora are <em>samba, samba-client, samba-common</em>. Install through <em>yum</em> if any of them is missing. </p> 14<blockquote> 15 <pre>[root@pptp ~]# yum install samba samba-common samba-client</pre> 16</blockquote> 17<p><strong>Note: </strong> 18Information on Samba and FC4 can be found in <a href="poptop_ads_howto_a2.htm#samba">Appendix A3</a>.</p> 19<hr> 20<strong><a name="smbconf"></a>8.1 Configure Samba</strong> 21<p>No matter you choose to use winbind or freeradius to connect to Active Directory, you will have to configure samba properly. The configuration file of samba is in /etc/samba and is called smb.conf. The file should have at least the following lines. </p> 22<blockquote> 23 <pre>[global] 24# define the netbios name of the domain 25<strong>workgroup = EXAMPLE</strong> 26# define the pptp server netbios name 27<strong>netbios name = PPTPDSVR</strong> 28# define the AD domain name 29<strong>realm = EXAMPLENET.ORG</strong> 30# server description 31server string = pptpd Server 32# printer stuff 33printcap name = /etc/printcap 34load printers = no 35cups options = raw 36# log file stuff 37log file = /var/log/samba/%m.log 38max log size = 50 39# must set to ads 40<strong>security = ads</strong> 41# address of domain controller 42<strong>password server = 10.0.0.1</strong> 43# enable encrypt passwords 44<strong>encrypt passwords = yes</strong> 45# default socket options setting on older samba. It is not defined in v3.0.23c 46;socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 47# not to be a master browser 48domain master = no 49preferred master = no 50# address of the WINS server 51<strong>wins server = 10.0.0.1</strong> 52dns proxy = no 53# require this line to join the domain in older samba 54# I don't need this for samba v3.0.23 55<strong>;client use spnego = yes</strong> 56# winbind stuff 57<strong>idmap uid = 50001-550000 58idmap gid = 50001-550000 59winbind separator = + 60winbind nested groups = Yes 61winbind enum users=yes 62winbind enum groups=yes</strong> 63template shell = /bin/false 64winbind use default domain = no</pre> 65</blockquote> 66<p>The lines in bold are the important ones that you should pay attention to. Execute "testparm" to check the configuration. Correct any errors before proceeding to the next step.</p> 67<hr> 68<a href="poptop_ads_howto_6.htm">Next</a> <a href="poptop_ads_howto_4.htm">Previous</a> <a href="poptop_ads_howto_1.htm#toc">Content</a> 69<p> </p> 70</body> 71</html> 72