To start you will need to install the following
Samba (Newest Version)
samba
samba-common (installed by default)
smbclient (installed by default)
winbind
Kerberos
krb5-config
krb5-user
Plus any dependencies.....
Then you will need to edit your Samba and Kerberos files.....
/etc/samba/smb.conf
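[global]
# smb.conf has no trailing-comment syntax: everything after "=" is taken as
# the value, so every explanation sits on its own "#" line above its key.

# Run as a domain member in Active Directory mode.
security = ADS
# Kerberos realm of the domain. Must be in all caps; this value is case sensitive.
realm = MYCOMPANY.COM
# Needs to match the domain name minus the ".COM".
workgroup = mycompany
# Name of the Primary Domain Controller.
password server = something.mycompany.local
# Can be set to yes if you have the ability to replicate machine names.
wins support = no
# IP address of the WINS server, which is usually the PDC.
wins server = 10.0.20.202
# Accounts that Samba refuses to let connect to its services.
# NOTE(review): this does not by itself control GNOME or KDE desktop logins;
# those are decided by PAM and the display manager.
invalid users = root

# Winbind settings: the UID and GID ranges handed out to Active Directory
# users and groups. Keep both ranges clear of the IDs used by local accounts.
# NOTE(review): newer Samba releases replace these two parameters with
# "idmap config * : range"; check smb.conf(5) for the installed version.
idmap uid = 10000-20000
idmap gid = 10000-20000

# For testing: more verbose logging. Lower it again once the join works.
debuglevel = 2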
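# A shared folder for testing purposes.
# NOTE(review): guest access, write access and forced 0666/0777 modes together
# mean that anyone who can reach this server can create and change
# world-writable files here. Use it only to confirm the setup works, then
# remove the share or restrict it to named domain users or groups.
[SharedFolder]
# Placeholder: replace with whatever directory you wish to share.
path = /path/to/shared/folder
available = yes
# "public" is a synonym for "guest ok": no password is needed to connect
# (subject to how the server maps guest logons).
public = yes
writable = yes
# Every new file is forced to rw-rw-rw- and every new directory to rwxrwxrwx.
force create mode = 0666
force directory mode = 0777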
/etc/krb5.conf
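[libdefaults]
# krb5.conf only treats a line as a comment when it starts with "#" or ";",
# so the explanation is kept off the value line.
# This is the domain name and must be in all CAPS.
default_realm = MYCOMPANY.COM
# NOTE(review): the krb4_* keys are Kerberos 4 compatibility settings;
# Kerberos 4 is obsolete, so these are probably unused - confirm before keeping.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
# Tickets are requested as forwardable and proxiable by default.
# NOTE(review): set these to false if nothing on this host needs to pass
# tickets on to other machines.
forwardable = true
proxiable = true
# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
    host = {
        rcmd = host
        ftp = ftp
    }
    plain = {
        something = something-else
    }
}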
# Where to find the KDC and the admin server for the realm named in default_realm.
# NOTE(review): presumably this is the same domain controller that smb.conf
# names in "password server" (that entry uses a .local name) - confirm which
# host name actually resolves.
[realms]
MYCOMPANY.COM = {
kdc = something.mycompany.com
admin_server = something.mycompany.com
}
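# Maps DNS names to a Kerberos realm. The right-hand side has to be a realm
# that [realms] defines (MYCOMPANY.COM here), not the upper-cased host name of
# the KDC; otherwise hosts in mycompany.com are looked up in a realm this file
# never describes.
[domain_realm]
.mycompany.com = MYCOMPANY.COM
mycompany.com = MYCOMPANY.COM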
# NOTE(review): both keys concern Kerberos 4 ticket conversion. Kerberos 4 is
# obsolete, so they are probably unnecessary for an Active Directory join -
# confirm before keeping them.
[login]
krb4_convert = true
krb4_get_tickets = true
Your Kerberos file is now ready to use.
You will then need to edit the nsswitch (Name Service Switch) file.
/etc/nsswitch.conf
# /etc/nsswitch.conf
#
# Example configuration of GNU Name Service Switch functionality.
# If you have the `glibc-doc' and `info' packages installed, try:
# `info libc "Name Service Switch"' for information about this file.
#
# winbind is listed after compat for passwd and group, so local accounts are
# consulted first and domain users and groups are resolved through winbind.
# NOTE(review): this only makes domain accounts resolvable; whether they can
# log in is decided by the PAM configuration, which this file does not cover.
passwd: compat winbind
group: compat winbind
# shadow stays on local files only; winbind is not consulted for it.
shadow: compat
hosts: files dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
then restart your services....
stream-venom@hackbuntu$/etc/init.d/samba restart
stream-venom@hackbuntu$/etc/init.d/winbind restart
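Next join the domain. Typing the password after `%` leaves it in your shell history and visible in the process list; if you give only `-U administrator`, net prompts for the password instead.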
stream-venom@hackbuntu$net ads join -U administrator%password
Now test it out...
stream-venom@hackbuntu$kinit [your login]@MYCOMPANY.COM
your terminal will then look like
[your login]@MYCOMPANY.COM$
Hope this helps
EDIT:
Please make a backup copy of the files before you edit them...