samba4 smb.conf requirements for ADS domain membership
abartlet at samba.org
Thu Jul 20 01:17:46 GMT 2006
On Wed, 2006-07-19 at 11:31 +0200, Stefan (metze) Metzmacher wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> Murali Bashyam schrieb:
> > Can someone point out the smb.conf changes for samba 4 server to become
> > member of a AD domain and perform kerberos authentication with the AD
> > server
> > acting as KDC?
> > The parameter 'security' used to be ADS for samba3, but this doesn't work
> > with samba 4
> Hi Murali,
> sorry but samba4 doesn't support the member server role yet.
> Hopefully this changes in the next few month...
Metze is correct, we don't yet have a member server role useful for
anything beyond some very specific research options. We can join as a
member server (set 'server role = domain member'), and support
kerberised logins, but none of the mapping occurs behind that.
It can be useful for demonstrating some CIFS proxy ideas, but that is
about all at this stage.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060720/8cba3804/attachment.bin
More information about the samba-technical