[Samba] Samba authenticating against Windows Active Directory

Robert Freeman-Day presgas at gmail.com
Wed May 9 07:50:47 MDT 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/08/2012 04:38 PM, Marcelo Pereira wrote:
> Hello all,
> 
> I have a question regarding the integration between Samba and the
> Active Directory (Windows 2008).
> 
> Current setup:
> 
> 1. We have been using a Samba server to offer shared folder to the
> user in my institution. 2. The users have any kind of operational
> system on their machines, and they don't log in any domain server 
> 3. The users simply map their shares at the Samba server, using
> their samba usernames and password.
> 
> The future:
> 
> 1. We have a main LDAP server (Windows 2008 Active Directory) that
> we want to integrate with our Samba server. 2. We would like to
> keep the "modus operandi" of the usage (i.e.: The users simply
> point to their shares, enter their usernames/passwords and access 
> their files). 3. We don't want to have the "samba
> usernames/passwords". Instead, we want the Samba to authenticate
> using the Active Directory.
> 
> The final situation would be:
> 
> 1. User turn his computer on (doesn't matter the operational system
> that he is using). 2. User map his samba share 3. User enter his
> credentials to the Samba Share 4. Samba ask the Active Directory if
> these credentials are valid 5. If the username/password is
> authenticate successfully against the Active Directory, then Samba
> let the user access his files.
> 
> The questions:
> 
> 1. At this point, the linux server has joined the domain (it's ok
> at this point).
> 
> How can I accomplish the Samba+AD integration?? Is there any
> specific documentation??
> 
> Thanks, Marcelo

Marcelo,

I good start may be to send the list your smb.conf file.  Possibly
your krb5.conf as well.

This is a good start doc-wise, but is a bit dated:
https://wiki.samba.org/index.php/Samba_&_Active_Directory
- -- 
________

Robert Freeman-Day

https://launchpad.net/~presgas
GPG Public Key:
http://keyserver.ubuntu.com:11371/pks/lookup?op=get&search=0xBA9DF9ED3E4C7D36
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk+qdjMACgkQup357T5MfTaGSACfbGSzUKoOK/qbgZ9rwW2ul+85
x70AnRWAQIv2t794eDa28leSL0d61MrW
=H1/g
-----END PGP SIGNATURE-----

More information about the samba mailing list