Join NAS to a Samba PDC?

[motionblurrr]

Hello,

I'm wondering if anyone has any experience with getting the QNAP NAS products to join a Samba domain? I have a Samba PDC already on my network and if I could get the NAS (I have a TS-109 Pro) to join that domain and allow me to give access to those accounts, I could finally have single-sign-on to all of my machines (Linux and Windows XP/Vista/7)!

When I try to connect right now using the web UI, I can see (via network sniffer) that the NAS is attempting to perform Kerberos authentication to my PDC, but I don't have Kerberos installed/configured, so of course it fails. I can install and configure Kerberos to work with my Samba PDC if there is hope that the NAS might be able to enumerate my Samba PDC users... I just thought I'd ask here before trying in case anyone knows for sure. I know the documentation says that the NAS requires an AD domain, but considering the fact that the NAS is merely running Samba in the first place, it seems like there must be some way to do this.

I REALLY don't want to built a real Windows AD domain just for this purpose... Please, QNAP, help me out here! If you can't do it via the web UI, perhaps there's some tricks to doing it via the smb.conf or other config files?

[lukehealey.nz]

did you ever get a resolution for this problem?

[Eraser-EMC2-]

I dont know if it works, but these are some steps to join a NAS/Workstation to a SAMBA-PDC:

Create on your SAMBA-PDC an account for your NAS like

Code: Select all

adduser -h /temp -s /bin/sh -D -H [Name_of_NAS]
/usr/local/samba/bin/smbpasswd -L -a -m -n [Name_of_NAS]

and run following commands on the NAS to join to the Domain

Code: Select all

setcfg global "domain master" "no" -f /etc/smb.conf -c
setcfg global "password server" [Name_of_PDC] -f /etc/smb.conf -c
setcfg global "security" "domain" -f /etc/smb.conf -c
/usr/local/samba/bin/net rpc join type MEMBER

But there is no replication service for the Linux User Accounts (passwd, groups, shadow, smbpasswd) ,
you have to sync it manually.

Stefan

[flickerfly]

This was very helpful.

Could you provide any more detail on how you sync accounts? I was looking at 'net rpc vampire', but I guess that wouldn't work. Is it just a simple 'scp /etc/passwd' and others?

How do you get this config to stay static despite reboots once you've implemented it?

[denis.miorandi]

My Qnap is now joined to PDC, and i can get domain users and group via winbind. I've have followed
guide http://www.samba.org/samba/docs/man/Sam ... tml#wdcsdm chapter "NT4/Samba Domain with Samba Domain Member Server: Using NSS and Winbind" Winbind configuration seems ok.
I can correctly retreive users and groups via getent passwd and getent group. What is the next step to have this list
inside qnap users list in the gui (local users or domain user is not important, I just have it available)

Denis

[anto_cipi]

Good Morning

I have buy a NAS TS231+ and now i have to join to SAMBA PDC, samba version is 3.4.7

MY DOMAIN is named : CIPI-SPA

What i have to modified in instrucions, below ?

setcfg global "domain master" "no" -f /etc/smb.conf -c
setcfg global "password server" [Name_of_PDC] -f /etc/smb.conf -c
setcfg global "security" "domain" -f /etc/smb.conf -c
/usr/local/samba/bin/net rpc join type MEMBER

Can you help me ?

Let me know.

Best reagrds
Antonello.

[seamanjeff]

Could someone "in the know" comment on the current state of the art ? I had a QNAP running firmware 4.2 set up as a member server with Samba 4.2 on my lap network and it worked well. Now I've upgraded to QNAP 4.3.3 and Samba 4.6 and I'm not having as much luck.

If it matters, I'm now using the Sernet samba+ builds.