[Samba] Samba & Win2k AD domain membership
Gordon Hopper
g.hopper at computer.org
Mon May 9 06:08:00 GMT 2005
No, you don't need to run winbind (provided that all of your Samba users
already have unix accounts, or you list them in your smbusers file). I
use Samba+Kerberos (with Active Directory) without running winbind. I
didn't modify my pam settings because I'm using Kerberos only for Samba.
Note that, in this scenario, my AD users cannot log in to the box (with
e.g. telnet). Also, I map the file permissions with "force user = x",
since the users don't have a read uid on the box. (Also, I can't access
AD groups without winbind... There are some downsides, but Samba does
work without it.)
Regards,
Gordon Hopper
On Sat, 2005-05-07 at 13:17 -0700, Rodre Ghorashi-Zadeh wrote:
> Hello,
>
> I am trying to setup my samba server version 3.0.10-1.fc3 as a Win2k Domain
> Member. What I need to know is once I have ADS security and Kerberos
> working, do I still need to use winbind or ldap for client authentication or
> will Kerberos take care of it?
>
>
>
> Rodre Ghorashi-Zadeh
>
> Chief Systems Engineer
>
> Conduit Technical Environments Corporation
>
> 604.785.4888
More information about the samba
mailing list