Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04

fpausp

728
+0/-0

Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04

« on: September 05, 2012, 09:33:17 PM »

Hi all,

I would like to know if anyone tried domain-logon with ubuntu 12.04 to sme8 ?

http://wiki.contribs.org/Client_Authentication:Ubuntu

regards
fpausp

Logged

Viribus unitis

ReetP

3,731
+5/-0

Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04

« Reply #1 on: September 18, 2012, 02:36:30 PM »

Quote from: fpausp on September 05, 2012, 09:33:17 PM

I would like to know if anyone tried domain-logon with ubuntu 12.04 to sme8 ?

I had a go but ended up tearing my hair out - I decided I had better things to do

I am sure it is possible, and there should really be an easy way to do it.

I followed the howto and got a lot of it going though I don't remember exactly where I got stuck - I think it was the security part, though I use Xubuntu and it may have been to do with the login manager or something similar.

If you do succeed please update the wiki !

B. Rgds
John

Logged

...
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

mdo

355
+0/-0

Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04

« Reply #2 on: September 19, 2012, 01:36:25 AM »

We are working on this (testing) at the moment.

The breaking point seems to be due to the newer Winbind/Samba version 3.6.x that comes with Ubuntu 12.04. The entire "id mapping" syntax has changed with Samba 3.6.x. We currently have in our documentation:

idmap uid = 5000-20000
idmap gid = 5000-20000

Now this needs to be something like this:

idmap config * : backend = rid
idmap config * : range = xxxx - xxxxx
idmap config * : base_rid = xxxxx (if at all required?).

I have not figured out the final values for a smooth migration

Input and testing results from others would be helpful.

Michael

Logged

...

olddog11

23
+0/-0

Re: Client Authentication Ubuntu --- SME8 <> Ubuntu 12.04

« Reply #3 on: November 04, 2012, 07:03:51 PM »

I have found a solution that has worked for me, I hope others can make use of it.

I have Linux Mint 13 (Mayo) on my laptop (based on Ubuntu 12.04 which is the LTS version.)

Follow the instructions for Client Authentcation:Ubuntu which can be found within the SME Server Documentation.

When editing /etc/samba/smb.conf the following changes are now required:

Comment out:
idmap uid = 5000-20000
idmap gid = 5000-20000

They are no longer required.

Add the following:

idmap config * : backend = tdb
idmap config * : range = 10001-20000
idmap config DOMAIN : backend = rid
idmap config DOMAIN : range = 10000-20000
idmap config DOMAIN : base_rid = 0

I found it in the Ubuntu forum - see link below
http://ubuntuforums.org/showthread.php?t=2060625&highlight=authentication

I did not find the line
idmap backend = ridDOMAN=10000-20000
if you do then I assume it is not required and can be commented out as well.

I also found that the following line is no longer required so I commented it out.
password server = <ip of sme server>

« Last Edit: November 04, 2012, 10:01:38 PM by olddog11 »

Logged