Re: [Samba] integrating samba with pam
- Date: Sat, 1 Jul 2017 16:30:25 +0100
- From: Rowland Penny via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] integrating samba with pam
On Sat, 01 Jul 2017 11:48:21 -0300
Guido Lorenzutti via samba <samba@xxxxxxxxxxxxxxx> wrote:
> Hi there!
> I been using samba3 with ldap for years, and now im
> about to move to samba4 to leave the slapd.
I take it you mean that you use Samba as an AD DC
> I didnt try yet to migrate
> the directory from samba3 to samba4. But i did setup a new domain and
> everything looks ok.
> My doubt is related to the configuration of the
> computers with linux so that they can take advantage of the users and
> passwords of ldap. But also, groups that are unix exclusive.
It doesn't work that way, you create groups in AD and then make them
Unix groups as well.
> I didnt
> find a way to create groups that in samba3 where only unix:
> smbgroupadd group
> (withouth the -a)
> Is this possible?
No, not unless you create a new NT4-style domain and I strongly urge
you not go down this path, they are things of the past and Microsoft
seems to be trying to make it harder and harder to use them.
> Also, i
> dont want to install winbind in every workstation to authenticate
> against samba4. How can i configure pam_ldap and nslcd to validate my
> users and groups? I did install kerberos and everything seems ok.
Why do you want to do this ?
The way the Samba code is now written, it needs winbind installed, so
you might as well use it.
See here for more info on setting up a Unix domain member:
To unsubscribe from this list go to the following URL and read the