Where to get samba-winbind rpm package for RHEL 6.2

Latest response

Hi,

I have installed RedHat Linux Enterprise 6.2(Santiago)
Kernel Linux 2.6.32-220.el6.x86_64

My objective is to integrate this redhat machine with active directory.
For this i want the samba-winbind package.
Where can i get the samba-winbind package ??

PLZZ HELP!!!!!!!

Any help could be appreciated

Responses

Should be on the same media your OS came from.

no this package is not present in the media, when I'm verifying that whether my samba package is installed or not it's showing "samba not installed"......that's why i'm looking for that package...

I have some more thing to ask.....

what are the prerequisites of installing this package ?
where can I get those prerequisites?
can I install those prerequisites from the Internet with the terminal ?

Plzzz HELP!!!

A 'yum install samba' on my 6.4 system installs samba and all dependencies, which includes samba-winbind. So Tom is right, it's also on the media.


================================================================================ Package Arch Version Repository Size ================================================================================ Installing: samba x86_64 3.6.9-167.el6_5 rhel-x86_64-workstation-6 5.0 M Updating for dependencies: libsmbclient x86_64 3.6.9-167.el6_5 rhel-x86_64-workstation-6 1.6 M samba-common x86_64 3.6.9-167.el6_5 rhel-x86_64-workstation-6 10 M samba-winbind x86_64 3.6.9-167.el6_5 rhel-x86_64-workstation-6 2.1 M samba-winbind-clients x86_64 3.6.9-167.el6_5 rhel-x86_64-workstation-6 2.0 M Transaction Summary ================================================================================ Install 1 Package(s) Upgrade 4 Package(s) Total download size: 21 M Is this ok [y/N]:

how can Install this package from the media ? at the time of installation or after the installation?

You can either mount the media and cd to the directory with the packages, or create a repo from the media.

mount /dev/cdrom /mnt/
cd /mnt/Packages
yum localinstall <pkg>
cd
umount /mnt

Or follow this procedure:
http://unixrevolution.blogspot.com/2012/03/use-dvd-as-yum-repo.html

yum install <pkg>

i cannot install any packages.....it's showing a huge dependency error....as i am new to linux.....could anyone help me out that after installing redhat what steps i have to do for installing samba-winbind package ?????

I need some simple steps of installing these packages

Its Urgent

PLZZZ HELP!!!

Again, the best way to solve dependencies is to use the 'yum' command, and even easier after you register and subscribe your system to Red Hat Network. Which subscriptions did you purchase, and where from?

No i have'nt registered my copy.....
Can i use these features without registration?

Registering and subscribing is the best way to get things installed right - it handles all the dependency problems you are probably having.

If you create a repo from the install media (and make sure it is mounted) you can use the yum command. I recommend you try adding your install DVD as a repo - it will make things much easier for the situation you are in.
http://unixrevolution.blogspot.com/2012/03/use-dvd-as-yum-repo.html

Otherwise, yum expects repos to exist which you will not have until your host has a valid subscription.

currently i am using a evaluation copy of redhat enterprise linux server 6.....downloaded form redhat site.....can I install samba-winbind package in it ?

Take a look at:

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/entitlements.html

It details how to register your system to RHN, and subscribe to the RHEL yum repos to download the samba-windbind package.

Arnab - I completely agree with Andrius' recommendation.

If you have a subscription available, it really will make things much simpler. When you requested your Evaluation copy that included a subscription (which has a time limit). If it has expired, you can request another eval.

hi
i have successfully installed these packages.....thanx a lot for helping me

now i want to join my redhat to a windows domain through LDAP

when i try to join my redhat machine the following error happens

[root@rh6server Desktop]# system-config-authentication
[/usr/bin/net join -w s2c.edu -S domain.s2c.edu -U Administrator]
Enter Administrator's password:<...>

[2014/02/12 02:40:13.640645, 0] rpc_client/cli_pipe.c:3940(get_schannel_session_key_common)
get_schannel_session_key: could not fetch trust account password for domain 'S2C'
[2014/02/12 02:40:13.644502, 0] utils/net_rpc_join.c:92(net_rpc_join_ok)
net_rpc_join_ok: failed to get schannel session key from server domain.s2c.edu for domain S2C. Error was NT_STATUS_CANT_ACCESS_DOMAIN_INFO
Unable to join domain S2C.

Plzz help guys!!!!!

i also have verified that kerberos is working perfectly on windows server 2012

Err... If you were planning to only use just the LDAP interface to AD, why were you mucking about with the winbind utilities? The winbind method is for binding your Linux host to an AD domain in a manner that's highly-similar/equivalent to how you'd natively join a Windows system to an Active Directory domain.

As to your error, I think you need to read the man pages. I haven't used net join in ages (my employer's AD tends to be too large/complex for the winbind that comes with RHEL to deal with), but I believe that, if your DNS is set up correctly, use of the "-w" argument, by itself, is sufficient. You'd mostly use the "-S" if your DNS isn't providing pointer to a valid domain controller name/address.

If you're wanting to bind via a specific domain controller, I'd probably try executing just net ads join -S DC.F.Q.D.N -U Administrator (where "DC.F.Q.D.N" is the fully-qualified domain name of a specific Active Directory domain controller).

Domain joins tend to work best when your winbind client has both A and PTR records and those records match what the target domain controller sees the prospective AD client as.

hey....

i have joined my redhat machine into my windows Active Directory.....machine name showing in active directory :) thanx a lot guyzz

now my final question is

how can i authenticate redhat users with my windows active directory ?
this is my main objective...

im waiting for ur replies

plzz help !!!!!

RedHat has an entire whitepaper on various scenarios for "Integrating Redhat Enterprise Linux 6 with Active Directory"; see e.g.

https://www.redhat.com/resourcelibrary/reference-architectures/integrating-red-hat-enterprise-linux-6-with-active-directory

The interactions between Kerberos, Samba, PAM, NSS and the login process are fairly complicated.

The short version for the winbind+kerberos scenario with uid/gid values from LDAP and Samba file shares is:
* on the windows side, run 2008 R2 or later. Turn on "identity management for unix" role service
* configure /etc/krb5.conf to point at your realm
* verify that "kinit Administrator" works
* run "yum install authconfig-gtk"; in authconfig-gtk pick winbind/ads
* adjust /etc/samba/smb.conf with appropriate idmap settings
* run net ads join -k; then start services smb, nmb, windbind
* add unix attributes to some windows users
* maybe adjust /etc/security/limits.conf to require particular windows groups for login

-- Jim Leinweber, WI State Lab of Hygiene

Thanks for posting that paper link James

  • adjust /etc/samba/smb.conf with appropriate idmap settings

By the way https://access.redhat.com/labs/winbindmapper/ can assist you when coming up with the idmap settings.

For authentication in RHEL 6 I would advise against using Winbind and instead use sssd (option 3 section 6.3 page 56 in the link provided by James) where/if possible. Taking pam_winbind out of the equation made the whole experience far less painful.

Unfortunately the document posted has a manual process for adding the computer to the Windows domain (it's from the Windows server side, not the client side) so it is not the best resource to use (page 62 is the start of the process to generate the keytab on the Windows server itself, this section should ideally be re-written).

This section should be replaced with steps to use Samba/Winbind to join the domain and acquire the keytab (then Winbind can be discarded from the process). As it stands, the manual Windows server process can't easily be integrated into the build process to automatically bind new servers/workstations to the domain.

Unfortunately the document has the following caveat rather than using Samba/Winbind to acquire the keytab:
"The second approach requires the Samba client package and a properly configured Samba configuration. For these reasons, the third approach is utilized here"

-edit-

Document has been updated (v1.5) and has the full process for adding a server to the domain which is an excellent addition!