HP CIFS Server Administrator's Guide Version A.03.01.02 (5900-1766, September 2011)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

10. Once the selected user is presented in the Enter the object name to select list,

click the OK button to get in the permission entry for Computers window.

11. In the Permissions dialog box, check Create Computer Objects and Delete

Computer Objects selections.

12. Click on the OK button

13. Click on the Apply button.

14. Click on the OK button on the Advanced Security Setting for Computers window.

15. Click on the OK button on the Computers Properties window.

Step-by-step Procedure

Use the following instructions to join an HP CIFS Server to a Windows 2000/2003 ADS Domain

as a member server:

1. Verify that LDAP-UX Integration product has been installed on your HP CIFS Server:

swlist | grep J4269AA

Consult “Installing LDAP-UX Client Services on an HP CIFS Server” (page 82) in Chapter 6,

"LDAP Integration Support" if necessary.

2. On your HP CIFS Server, you need to create the Kerberos configuration file, /etc/krb5.conf,

which specifies the default realm, the location of a Key Distribution Center (KDC) server and

the logging file names. The Kerberos client depends on the configuration to locate the realm's

KDC.

If there is no /etc/krb5.conf file in existence at the time that

/opt/samba/bin/samba_setup is run, samba_setup will attempt to create and validate

an appropriately configured krb5.conf file based on the answers to the questions asked

when 'ads member server' is chosen.

The following is an example of /etc/krb5.conf which has the realm MYREALM.XYZ.COM,

and machine adsdc.myrealm.xyz.com as a KDC:

# Kerberos Configuration #

# #

# This krb5.conf file is intended as an example only. #

# See krb5.conf(4) for more details. #

# Please verify that you have created the directory /var/log.#

# #

# Replace MYREALM.XYZ.COM with your kerberos Realm. #

# Replace adsdc.myrealm.xyz.com with your Windows ADS DC full#

# domain name. #

# #

[libdefaults]

default_realm = MYREALM.XYZ.COM

default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5

default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5

ccache_type = 2

[realms]

MYREALM.XYZ.COM = {

kdc = adsdc.myrealm.xyz.com:88

admin_server = adsdc.myrealm.xyz.com

}

[domain_realm]

.xyz.com = MYREALM.XYZ.COM

[logging]

kdc = FILE:/var/log/krb5kdc.log

admin_server = FILE:/var/log/kadmin.log

default = FILE:/var/log/krb5lib.log

Joining an HP CIFS Server to a Windows 2000, Windows 2003, and Windows 2008 Domain 73