[CentOS] Setting up Samba as fileserver for existing Windows domain

Wed Feb 4 16:31:59 UTC 2015
Les Mikesell <lesmikesell at gmail.com>

On Wed, Feb 4, 2015 at 10:24 AM, Chris Adams <linux at cmadams.net> wrote:
> Once upon a time, Les Mikesell <lesmikesell at gmail.com> said:
>> On Wed, Feb 4, 2015 at 10:05 AM, Chris Adams <linux at cmadams.net> wrote:
>> > I have an existing office of Windows computers, in a domain, with a
>> > couple of Windows Server 2012 AD servers.  I need to add a file server,
>> > so I'd prefer to use CentOS 7 and Samba to do it (because I know very
>> > little about Windows).  However, I'm not finding a good how-to on that.
>> > When I search for "samba active directory" or "samba domain", the
>> > results are mostly about setting up Samba to be the domain controller,
>> > or join an AD domain as a controller, which I don't really want to do if
>> > I don't have to.
>> >
>> > Anybody have any tips, pointers, etc.?
>>
>> If you expect existing domain credentials to work, I think you have to
>> join the domain.  Depending on the nature of the files being served, I
>> sometimes find it useful to have a public read-only share and avoid
>> the authentication mess entirely - copying the files in place with
>> Linux tools or WinSCP. It is possible to maintain local accounts on
>> the Linux side and add those to samba (an extra step) but it is
>> painful to keep passwords in sync.
>
> Yeah, I want to join the domain, and use domain credentials for access,
> I just don't want to be an additional domain controller (which is what
> the docs/howtos I keep finding seem to assume).  I've done Samba with
> basic locally-configured users before (not in a long time), but this
> needs to use domain credentials.

I think authconfig-tui will set this up for you if you check "Use
Winbind" and "Winbind Authentication" and then fill in the AD info on
the next screen and hit the Join Domain button. It should add some
things to the smb.conf file but you have to add any shares you want
besides homes. You will need the AD administrator password to join.

-- 
   Les Mikesell
     lesmikesell at gmail.com
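
An added example, not part of the original message and not the exact output of authconfig-tui: a sketch of what smb.conf can look like for a domain member file server (not a domain controller) once a share restricted to a domain group has been added by hand. The domain EXAMPLE / EXAMPLE.COM, the group fileusers, the path /srv/samba/shared and the idmap ranges are all assumptions chosen for illustration.

```ini
# /etc/samba/smb.conf -- domain MEMBER file server, not a domain controller.
# EXAMPLE, EXAMPLE.COM, fileusers and /srv/samba/shared are placeholders.

[global]
    # NetBIOS domain name and Kerberos realm of the existing AD domain
    workgroup = EXAMPLE
    realm = EXAMPLE.COM

    # Authenticate against AD as a joined member server
    security = ads

    # Map domain SIDs to local uid/gid numbers through winbind.
    # The default (*) range covers built-in accounts; the domain gets
    # its own non-overlapping range. Range values here are assumptions.
    idmap config * : backend = tdb
    idmap config * : range = 3000-7999
    idmap config EXAMPLE : backend = rid
    idmap config EXAMPLE : range = 10000-999999

    # Domain accounts only need file access, not an interactive login
    template shell = /sbin/nologin

    # Failed logons are rejected instead of being mapped to guest
    map to guest = never

[shared]
    path = /srv/samba/shared
    read only = no
    guest ok = no

    # Only members of this domain group may connect to the share
    valid users = @EXAMPLE\fileusers

    # New files and directories stay group-accessible, nothing for "other"
    create mask = 0660
    directory mask = 2770

# After editing: run testparm to check syntax, "net ads testjoin" to
# confirm the join, and "wbinfo -g" to confirm domain groups resolve.
```

On CentOS 7 with SELinux enforcing, the shared directory also needs the samba_share_t context before Samba can serve it.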