[Samba] Login in linux using ad accounts
Luis Peromarta
lperoma at icloud.com
Tue Mar 12 07:48:41 UTC 2024
Not sure why you want an AD to validate logins in one machine only. Anyway if I were you I’d install a DC in a VM and then join your bare metal as a member server to the AD. And probably a second DC somewhere else in your network.
LP
On 11 Mar 2024 at 15:57 +0000, Rowland Penny via samba <samba at lists.samba.org>, wrote:
> On Mon, 11 Mar 2024 12:32:45 -0300
> Ricardo Campos via samba <samba at lists.samba.org> wrote:
>
> > Hi, all.
> >
> > I have a configured AD, which is working fine, and a DC in the same
> > machine. I know this is not the best way to do it, but I had no other
> > choice available.
>
> I think that means you are using a Samba AD DC as a fileserver, if so,
> then no, it isn't optimal, for various reasons. One of the main ones
> being that you must set the share permissions from a Windows machine.
> Is it possible to run a Unix domain member in a VM on the DC ?
>
> >
> > Now I need to have AD users able to login in the linux (ubuntu)
> > directly.
> >
> > It seems that would be possible through nsswitch.
> > Is that really possible? nsswitch is the only additional software
> > needed?
>
> Not quite, you haven't said what distro you are running, but you need
> to set up the libnss winbind links, on Debian you can easily do this by
> installing the the libnss-winbind & libpam-winbind packages, you must
> also add 'winbind' to the 'passwd' & 'group' lines in /etc/nsswitch.conf
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list