[Samba] Linux client of the domain - via samba on the client

Rowland Penny rowlandpenny at googlemail.com
Fri Dec 20 03:40:52 MST 2013


On 20/12/13 10:29, Cyril wrote:
> Le 18/12/2013 15:53, Rowland Penny a écrit :
>> On 18/12/13 14:40, Cyril wrote:
>>> Hello,
>>>
>>> I think I'm starting to understand how Linux client can be integrated
>>> into a samba domain.
>>>
>>> Tell me if I'm wrong :
>>>
>>> Linux clients don't need Samba for authentication, only the ldap part
>>> of samba.
>> Linux clients can get their authentication from either a local database
>> or a remote database ( this can be LDAP based or AD based) but if going
>> for remote auth, you really need samba.
>>> sssd through kerberos get information from ldap. If the user is known
>>> or get the right, he can log.
>>
>> If sssd can get extract the users info, then yes, they can login.
>>
>>>
>>> So why should I need to install winbind and samba4 on the linux 
>>> client ?
>>> Is it only if I have a Windows AD ?
>>
>> You can have Samba without winbind, which version of samba you use is up
>> to you, but 3.6 is now in security fixes mode. Samba 4 can be run just
>> the same as 3.x was, it does not have to be an Active Directory 
>> controller.
>>
>> Rowland
>>>
>>>
>>> Thanks
>>> Cyril
>>>
>>
>
> As sssd via kerberos doesn't work at the moment, I would like to try 
> another way to authenticate on Linux workstation with domain profils.
> I'll use another virtual workstation for that.
>
> Should I follow this wiki : 
> https://wiki.samba.org/index.php/Samba/Domain_Member ?
> Of course without setting up services.
>
> Or may be this link should work better for me ?
> http://linuxcostablanca.blogspot.com.es/2013/04/ubuntu-client-for-samba4.html 
>
>
> And should I run the same Samba4 version on the workstation that is on 
> the AD ?
>
> Cyril
>
>
>
>
>
It just isn't working for you, if you now want to use samba, go and have 
a look here (as I earlier advised):
https://fedorahosted.org/sssd/wiki/Configuring%20sssd%20to%20authenticate%20with%20a%20Windows%202008%20Domain%20Server

if you want to continue without using samba, you could try looking here:
http://www.lancaster.ac.uk/iss/tsg/unix-ad/

Rowland




More information about the samba mailing list