Community technical support mailing list was retired 2010 and replaced with a professional technical support team. For assistance please contact: Pre-sales Technical support via email to sales@march-hare.com.
I am also in the process of configuring CVSNT 2.0.58d on a Linux box to authenticate with a win2k PDC from an active directory environnement. The point of having samba and winbind on the linux server is of course to make sure that the Linux server when getting a request from a cvs user is to authenticate invisibly that user (the user don't need to enter his username and password). Meaning that the linux server need to get the domain name and the username of that user and then communicate with the Windows 2000 PDC to make sure that the user's credential are good. So that way the linux cvs server never need to have a local database of username and password of your AD/PDC. If you had to create an account on the linux server and on the windows PDC each time, there would be no easy administration, we don't want that. I have sucessfully setup my cvsnt linux server with samba and winbind so now I can access the cvsnt server with the locally mounted protocol. For a good explanation on how to do this, I am refering you to this article: http://forums.gentoo.org/viewtopic.php?t=114837&highlight=integrate+samb a Forget the fact that this is for gentoo, I've followed the instruction for my linux server which is running RedHat ES 3.0 and it worked without any problems ( of course in that explanation there is some commands exclusive only to gentoo, you'll need to figure out how to do it for your distro of linux). So when your samba config is done properly, you can try the wbinfo -u to get a listing of your usernames (and wbinfo -g for your groups). At that point, your linux server will get a list of your users from your Windows PDC. This list is not copied on your linux server. it's a query coming from your Windows PDC. You will also need to change the permission on your linux server to make sure that your users/groups of your PDC can access the folders. Do a chgrp (change group security) and a chown (change owner security) with proper access for your users. A question to the veterans of this list: With the current setup that I have, has anybody was ever sucessful to authenticate with a CVSNT Linux server from a Windows XP/2000 workstation with the sspi protocol? I've done lots of search on the Internet regarding this, I've even went through all the archives of this mailing list and I didn't found so far any good documentation to setup the sspi protocol on a CVSNT Linux server within an AD environnement. Each time that I'm trying to authenticate on my linux server I get the answer that DOMAIN_NAME\username : such user doesn't exist. Even tough that this same user (me) have all access to the linux server through samba without any problem. I know that the linux server is getting the sspi authentication, it's just not able to authenticate my user. I'm baffled as to what exactly is the problem. For all the informations that I've found on that topic so far, is that a lot of people said that it should be working but I have seen no confirmation that somebody was really able to make it work. Any help, pointers or informations regarding this would be greatly appreciated. Thank you! Alexandre Vanier sysadmin ________________________________ From: cvsnt-bounces at cvsnt.org on behalf of Johnson, Mark Sent: Tue 01/02/2005 5:49 PM To: cvsnt at cvsnt.org cvsnt downloads at march-hare.com @CVSNT on Twitter CVSNT on Facebook Subject: RE: [cvsnt] only need config files -- missing information Below are my versions of the files /etc/cvsnt/PServer /etc/xinitd.d/cvsnt (not cvs) CVSROOT/config I am also running (or trying to run) a recently installed cvsnt (2.0.58d) on Linux with a windows PDC with Active Directory. We had to setup samba and winbind, and verify that we were authenticating against the PDC. (do a "man wbinfo" for help). My IS group helped with this, but they know little about cvs, and I know little about Active Directory. The problem I am having now relates to setting up users. Do I have to create local (linux) users for each domain users? how does this process work? Do I have to create local linux groups, and associate them with domain groups? I'm confused about this. If you, or anyone else knows more about this, any setup info would be greatly appreciated. Mark Johnson