Samba 4, LDAP and KRB
Cédric CACHAT
lsf at noos.fr
Mon Aug 29 09:03:35 GMT 2005
Hello,
I was advised to subscribe to this mailing list so here is a copy of the
message I sent to the general samba list to describe what I am trying to
achieve:
I want to set up a samba server to replace an Active Directory for my
Windows workstations.
So far, I have a LINUX network that works perfectly, all my users are
stored in a LDAP server (openldap) and their authentication is done
against a MIT Kerberos server. Hence all users have a valid kerberos
ticket when they log onto a machine in the Network.
I want to include my Windows machines to my linux network.
From what I understood, Samba can fake an AD so Windows authentication
at login is done against the Samba server.
So here we go with the questions:
- can Samba use my existing LDAP & Kerberos servers to authenticate
users? From what I saw, Samba 4 has an imbedded LDAP server and I
couldn't figure out how to point to my own LDAP server. Nothing is said
about the smb.conf which is reduced to a minimum, here is what I have:
[globals]
netbios name = <samba server netbios name>
workgroup = MONDOMAINE.FR
realm = mondomaine.fr
domain master = yes
domain logons = yes
[data]
path = /exports/samba/data
read only = no
Do I need to add some instructions in the file smb.conf? And if samba
connects to my LDAP server, do I have to add all the CN records to my LDAP?
- I ran a few tests with Samba 4 but I couldn't activate a user account
so a smbclient command shows
Connection to \\<samba server>\data failed - NT_STATUS_ACCOUNT_DISABLED
Hope somebody knows the answers to those questions, and I hope I was
clear enough. If such is not the case, don't hesitate to ask me for some
more information.
Thanks
Cédric
More information about the samba-technical
mailing list