Local KDC and Samba
Andreas Schneider
asn at samba.org
Mon Jan 20 08:33:41 UTC 2025
On Monday, 20 January 2025 07:11:30 CET Alexander Bokovoy via samba-technical
wrote:
> On Няд, 19 сту 2025, Steve French wrote:
> > Is there documentation (or example howto, walkthrough etc.) on how to
> > setup the new Local KDC features of Samba server?
> >
> > I wanted to try some experiments with the Linux client to make sure
> > the new type of krb5 mounts work fine. For the server I am using
> > current Samba master branch on Ubuntu.
>
> There are bits and pieces which aren't merged yet in both MIT Kerberos
> and Samba.
>
> Your best way of testing is by using COPR repository Andreas created for
> Fedora as it includes prepared packages.
>
> See https://gitlab.com/cryptomilk/localkdc and
> https://copr.fedorainfracloud.org/coprs/asn/localkdc/
>
> Andreas gave some insstructions in this comment:
> https://github.com/SSSD/sssd/issues/7723#issuecomment-2597864370
For using IAKerb you need smbd and smbclient built from:
https://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/asn-iakerb
Edit the smb.conf and add:
include /etc/samba/localkdc.conf
at the end of the [global] section after you ran localkdc-setup!
You can then connect to smbd using the mdns name of the machine
(<hostname>.local).
Example:
smbclient //samba-iakerb.local//share -Uasn at SAMBA-IAKERB.LOCALKDC.SITE --use-
kerberos=required
Best regards
Andreas
--
Andreas Schneider asn at samba.org
Samba Team www.samba.org
GPG-ID: 8DFF53E18F2ABC8D8F3C92237EE0FC4DCC014E3D
More information about the samba-technical
mailing list