[Samba] Samba authenticating against Windows Active Directory
presgas at gmail.com
Wed May 9 07:50:47 MDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
On 05/08/2012 04:38 PM, Marcelo Pereira wrote:
> Hello all,
> I have a question regarding the integration between Samba and the
> Active Directory (Windows 2008).
> Current setup:
> 1. We have been using a Samba server to offer shared folder to the
> user in my institution. 2. The users have any kind of operational
> system on their machines, and they don't log in any domain server
> 3. The users simply map their shares at the Samba server, using
> their samba usernames and password.
> The future:
> 1. We have a main LDAP server (Windows 2008 Active Directory) that
> we want to integrate with our Samba server. 2. We would like to
> keep the "modus operandi" of the usage (i.e.: The users simply
> point to their shares, enter their usernames/passwords and access
> their files). 3. We don't want to have the "samba
> usernames/passwords". Instead, we want the Samba to authenticate
> using the Active Directory.
> The final situation would be:
> 1. User turn his computer on (doesn't matter the operational system
> that he is using). 2. User map his samba share 3. User enter his
> credentials to the Samba Share 4. Samba ask the Active Directory if
> these credentials are valid 5. If the username/password is
> authenticate successfully against the Active Directory, then Samba
> let the user access his files.
> The questions:
> 1. At this point, the linux server has joined the domain (it's ok
> at this point).
> How can I accomplish the Samba+AD integration?? Is there any
> specific documentation??
> Thanks, Marcelo
I good start may be to send the list your smb.conf file. Possibly
your krb5.conf as well.
This is a good start doc-wise, but is a bit dated:
GPG Public Key:
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the samba