[Samba] LDAP proxy auth
Rowland Penny
rowlandpenny at googlemail.com
Sat Oct 25 14:23:47 MDT 2014
On 25/10/14 20:33, Lars Hanke wrote:
> During my test phase I used to manage POSIX attributes in my AD using
> ldap-tools with -Y GSSAPI after kinit Administrator. Now this became
> impossible unless I logged in as Administrator, since the principal is
> tied to the user account - be it only for NFS4. ;) Administrator so
> far is not even a POSIX user.
>
> My first idea was to join my POSIX user to some group, which is
> allowed to modify user data. Does samba4 recognize this? And which
> group would be the correct one?
>
> Alternatively, is there a way to simple bind with Administrator access
> rights?
>
> Thanks for your help,
> - lars.
investigate ldb-tools and kerberos, you will need a keytab, but if you
use winbind, this will be created for you.
Rowland
More information about the samba
mailing list