[Samba] Samba authenticating against Windows Active Directory

Robert Freeman-Day presgas at gmail.com
Wed May 9 07:50:47 MDT 2012

Hash: SHA1

On 05/08/2012 04:38 PM, Marcelo Pereira wrote:
> Hello all,
> I have a question regarding the integration between Samba and the
> Active Directory (Windows 2008).
> Current setup:
> 1. We have been using a Samba server to offer shared folder to the
> user in my institution. 2. The users have any kind of operational
> system on their machines, and they don't log in any domain server 
> 3. The users simply map their shares at the Samba server, using
> their samba usernames and password.
> The future:
> 1. We have a main LDAP server (Windows 2008 Active Directory) that
> we want to integrate with our Samba server. 2. We would like to
> keep the "modus operandi" of the usage (i.e.: The users simply
> point to their shares, enter their usernames/passwords and access 
> their files). 3. We don't want to have the "samba
> usernames/passwords". Instead, we want the Samba to authenticate
> using the Active Directory.
> The final situation would be:
> 1. User turn his computer on (doesn't matter the operational system
> that he is using). 2. User map his samba share 3. User enter his
> credentials to the Samba Share 4. Samba ask the Active Directory if
> these credentials are valid 5. If the username/password is
> authenticate successfully against the Active Directory, then Samba
> let the user access his files.
> The questions:
> 1. At this point, the linux server has joined the domain (it's ok
> at this point).
> How can I accomplish the Samba+AD integration?? Is there any
> specific documentation??
> Thanks, Marcelo


I good start may be to send the list your smb.conf file.  Possibly
your krb5.conf as well.

This is a good start doc-wise, but is a bit dated:
- -- 

Robert Freeman-Day

GPG Public Key:
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/


More information about the samba mailing list