[Samba] Difference Between Domain and ADS security In Reference
to Realms
John H Terpstra
jht at samba.org
Wed Jan 14 17:43:46 GMT 2004
On Wed, 14 Jan 2004, Harmon, Leigh wrote:
>
> Hi,
>
> I've been researching which type of security to use with Samba 3.0.1 and I still
> don't understand what the difference is between "security=DOMAIN" versus
> "security=ADS." I complied Samba to include ADS support, and I initially chose
> "security=DOMAIN." When I use the "net" command I can add it to my domain.
> However, if I set "realm=our.ads.realm" and do the same "net" command, then I
> get a message saying that server was added to the realm. What is the difference
> between adding the Samba server to the realm using "security=DOMAIN" versus
> adding it to the realm using "security=ADS?"
"security = DOMAIN" causes Samba to work with your Active Directory domain
as if it is an NT4 server - using remote procedure call (RPC)
authentication. This requires NetBIOS over TCP/IP.
"security = ADS" causes Samba to communicate with Active Directory using
Kerberos authentication protocols and does not require NetBIOS over TCP/IP
support.
- John T.
--
John H Terpstra
Email: jht at samba.org
More information about the samba
mailing list