[Samba] Linux client of the domain - SSSD : authenticating via Kerberos
Cyril
cyril.lalinne at 3d-com.fr
Thu Dec 19 06:27:04 MST 2013
Le 18/12/2013 15:40, Cyril a écrit :
> Hello,
>
> I think I'm starting to understand how Linux client can be integrated
> into a samba domain.
>
> Tell me if I'm wrong :
>
> Linux clients don't need Samba for authentication, only the ldap part of
> samba.
> sssd through kerberos get information from ldap. If the user is known or
> get the right, he can log.
>
> So why should I need to install winbind and samba4 on the linux client ?
> Is it only if I have a Windows AD ?
>
>
> Thanks
> Cyril
>
I can't get sssd working and I don't know why.
On the network, I have a samba4 install on a CentOS6.4.
This server is also the DHCP server
There's no other server on the domain.
A Win7 workstation has already join the domain.
I'm following this wiki :
https://wiki.samba.org/index.php/Local_user_management_and_authentication/sssd
to add a Linux workstation (Ubuntu 12.04 LTS) on the domain. The goal is
to get users authenticate with the same users/password as windows one.
On the workstation :
I have install sssd krb5-user package from ubuntu repository.
The module libsasl2-modules-gssapi-MIT is already installed
I have create a directory security in /lib64 and link file :
# ln -s /usr/local/lib/security/pam_sss.so /lib64/security/
Then when I do :
ldconfig -v | grep sss
libnss_sss.so.2 -> libnss_sss.so.2
On the server :
I have extract the keytab.
On the workstation :
I have configure sssd.conf with LDAP as id_provider ( sssd version < 1.10.0)
I check the /etc/nsswitch.conf. sss is already add.
If I run :
getent passwd
I only get local profiles.
Any idea of what I missed ?
Is there other test I can do to know what's wrong ?
Thanks,
Cyril
More information about the samba
mailing list