Find the answer to your Linux question:
Results 1 to 6 of 6

Thread: Samba Domain

Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Samba Domain

    Hey all,
    We have a Samba Domain with LDAP backend. And a seperate Print Server.
    No i would only like those printers to be available to people that are bound the the LDAP/Domain server. How can i do this?

    I have security = domain. And then password server = <hostname> in my smb.conf. And that works, but you have to enter your password again to be able to view shares/use printers. And i dont want the uses to have to do that. Because they are allready bound to the PDC shouldnt they automatically get trusted on any computer/server that is a member of the domain?

    Any help?
    Thanks all
    -- MoonMan(Nathan)

  2. #2
    Super Moderator Roxoff's Avatar
    Join Date
    Aug 2005
    Nottingham, England
    You have a configuration problem here. You should not be using 'security = domain' if the samba server itself is the PDC! This setting tells the samba server to go off to the domain controller for authentication. You dont want this, particularly if you're running the accounts from the Samba machine's own LDAP database.

    I suggest you set 'security = user', make sure everyone has a unix account declared in the LDAP database, and make sure that any username conflicts are resolved in /etc/samba/smbusers. You should declare your password backend using 'passdb backend = ldapsam://<server>' where the server is often (but not always) localhost. You'd also need 'idmap backend = ldapsam://<server>'.

    Once you have this established correctly, you should have no problem imposing control on who gets to use your printers by making sure the 'guest ok' field is off in the shares list, something like this:

        guest ok = no
    Linux user #126863 - see

  3. #3
    But the print server is on another Linux box, thus i have this

    PRINTSERVER -- Auth from PCD to get to Samba Printes/Shares
    USER COMPUTERS -- Auth from PCD

    If that makes sence! Thanks

  4. $spacer_open
  5. #4
    Can anyone please help????

  6. #5

    Talking Problem Fixed

    LDAP settings were incorrect. Works like a charm now

  7. #6

    Samba & Openldap as Primary Domain Controller PDC

    I have a how-to on my website for setting up samba as a primary domain controller (PDC)

    OpenLDAP LAM Samba as PDC

    and if you feeling a little bit more adventurous later on you could try getting into the policies with samba

    Samba Primary Domain Controller with Group Policies

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts