Web lists-archives.com

Re: [Samba] Authentification against kerberos / sssd

On Tue, 11 Dec 2018 15:09:39 +0100
tseegerkrb via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Hello list,
> a quick question. Right now I have a combination of MIT Kerberos,
> OpenLDAP and SSSD for authenticating my users. Is there a way that
> Samba can use this setup to perform user authentication. I only want
> to access the shares of the Samba server from about 8 Windows
> computers. I am aware that I cannot make an Active Directory out of
> this.
> At the moment I have stored the users in a local passdb, which works
> but is very unpleasant.

That is why Microsoft came up with domains ;-)

If you look at Active Directory, it is basically composed of kerberos,
ldap and dns., so you can replace your kerberos and ldap servers with a
Samba AD DC, this also come with winbind which will replace sssd.

There is just one possible fly in the ointment, you mention MIT & sssd,
is this using a red-hat OS ?
If it is, you cannot use the OS packages to create an AD DC, or if you
can (Fedora), it shouldn't be used in production.


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba