[Samba] winbind and smb tries to auth as pdc$ rather than local name when using ADS
Jonathan Petersson
jpetersson at garnser.se
Wed Sep 23 21:49:17 MDT 2009
The kerberos stuff is for the PAM auth although I though this was
necessary for the Samba stuff too.
Also, as far as the workgroup-name goes it's true it's the shorter
name but in my case the short name is PRESIDIO.
Could you send me a copy of your config? I'm obviously a bit off
hacking kerberos.
Thanks
/Jonathan
On Wed, Sep 23, 2009 at 8:16 PM, Adam Nielsen <adam.nielsen at uq.edu.au> wrote:
>> This specific instance is intended to host shares for which users
>> authenticate with their AD credentials, the normal authentication for
>> the system works fine and so does joining the domain. As mentioned
>> earlier initializing kinit and wbinfo returns the expected results and
>> the server shows up as a member in AD.
>
> I'm a bit confused about what you had to do with kinit, keytabs and
> Kerberos, because we've never touched anything to do with Kerberos and
> people can log on to our domain and browse the shares on our Samba
> servers with the AD username passed through (i.e. no separate log on to
> Samba.) It sounds like this is what you're trying to achieve.
>
> We just joined each Samba machine to the domain ("net ads join") and it
> worked straight away.
>
> The first time I did this a few years ago I messed around with the
> Kerberos stuff before realising that apparently it's not necessary...
>
> Cheers,
> Adam.
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list