sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-03-08 04:58:40 +03:00
Code

Clarifications for the ADS docs.

Browse Source 
(This used to be commit 9931f50b396d7e7188de583e5732781e8bea587d)
This commit is contained in:
Andrew Bartlett 2003-02-01 03:28:35 +00:00
parent 7054fb2507
commit b0e57ee3d4
1 changed files with 8 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
docs/docbook/projdoc/ADS-HOWTO.sgml
View File

@ -60,7 +60,8 @@ to get them off CD2.</para>
<para>If your kerberos libraries are in a non-standard location then
remember to add the configure option --with-krb5=DIR.</para>
<para>After you run configure make sure that include/config.h contains
<para>After you run configure make sure that include/config.h it
generates contains
lines like this:</para>
<para><programlisting>
@ -89,9 +90,10 @@ In case samba can't figure out your ads server using your realm name, use the
</programlisting>
</para>
<para>You do *not* need a smbpasswd file, although it won't do any harm
and if you have one then Samba will be able to fall back to normal
password security for older clients. I expect that the above
<para>You do *not* need a smbpasswd file, and older clients will
be authenticated as if "security = domain", although it won't do any harm
and allows you to have local users not in the domain.
I expect that the above
required options will change soon when we get better active
directory integration.</para>
</sect1>
@ -131,7 +133,7 @@ to join the realm.
<para>
If all you want is kerberos support in smbclient then you can skip
straight to step 5 now. Step 3 is only needed if you want kerberos
support in smbd.
support for smbd and winbindd.
</para>
</sect1>
@ -140,9 +142,7 @@ support in smbd.
<title>Create the computer account</title>
<para>
Do a "kinit" as a user that has authority to change arbitrary
passwords on the KDC ("Administrator" is a good choice). Then as a
user that has write permission on the Samba private directory
As a user that has write permission on the Samba private directory
(usually root) run:
<command>net ads join</command>
</para>
@ -152,8 +152,6 @@ user that has write permission on the Samba private directory
<para>
<variablelist>
<varlistentry><term>"bash: kinit: command not found"</term>
<listitem><para>kinit is in the krb5-workstation RPM on RedHat systems, and is in /usr/kerberos/bin, so it won't be in the path until you log in again (or open a new terminal)</para></listitem></varlistentry>
<varlistentry><term>"ADS support not compiled in"</term>
<listitem><para>Samba must be reconfigured (remove config.cache) and recompiled (make clean all install) after the kerberos libs and headers are installed.</para></listitem></varlistentry>
</variablelist>