samba4 smb.conf requirements for ADS domain membership

Andrew Bartlett abartlet at
Thu Jul 20 01:17:46 GMT 2006

On Wed, 2006-07-19 at 11:31 +0200, Stefan (metze) Metzmacher wrote:
> Hash: SHA1
> Murali Bashyam schrieb:
> > Can someone point out the smb.conf changes for samba 4 server to become
> > member of a AD domain and perform kerberos authentication with the AD
> > server
> > acting as KDC?
> > 
> > The parameter 'security' used to be ADS for samba3, but this doesn't work
> > with samba 4
> Hi Murali,
> sorry but samba4 doesn't support the member server role yet.
> Hopefully this changes in the next few month...

Metze is correct, we don't yet have a member server role useful for
anything beyond some very specific research options.  We can join as a
member server (set 'server role = domain member'), and support
kerberised logins, but none of the mapping occurs behind that.

It can be useful for demonstrating some CIFS proxy ideas, but that is
about all at this stage.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Red Hat Inc.        
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list