blah hit next on my google search and got this link hehe go figure it is the first link AFTER I finally ask for help http://windows.ittoolbox.com/documents/tutorials/integrating-samba-3-in- to-a-windows-2003-domain-1893 but if anyone has more links to share please do ________________________________ From: centos-bounces at centos.org [mailto:centos-bounces at centos.org] On Behalf Of King, John (Greg) (LMIT-HOU) Sent: Wednesday, July 05, 2006 9:02 AM To: centos at centos.org Subject: [CentOS] Linux kerberos to Windows AD 2000/2003 I have spent the last 4-5 hours scrounging google articles on this and have found 2 solutions. The problem is one of them is something that we will not do (as MS will not support extending AD with Services For Unix(SFU)). The other is simply configuring kerberos and pam on the linux system. No problem there from what I can tell. Ticket cache: FILE:/tmp/krb5cc_0 Default principal: userid at dom.ain Valid starting Expires Service principal 07/05/06 07:23:03 07/05/06 17:23:47 krbtgt/DOM.AIN at DOM.AIN renew until 07/06/06 07:23:03 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached The problem though is configuring winbind from the console (all of the linux systems are nothing more than the kernel, ssh and the few apps necessary for the system to do it's job). All the online examples I have been able to find use the linux GUI. Does anyone know of a document (or mind sharing) how they installed and configured the samba 3 winbind daemon to map SID's to unix uid's/gid's? That would eliminate the need to extend the active directory schema. thanks, Greg -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20060705/b6a08ccb/attachment-0004.html>