[Samba] Samba4 AD sssd or pam_krb

Michael Wood esiotrot at gmail.com
Sat Dec 28 01:54:42 MST 2013


On 24 December 2013 14:12, Chan Min Wai <dcmwai at gmail.com> wrote:

> Dear All,
> I was using Samba3 + LDAP central authentication for the pass 5 years.
> And since need to move to Samba4 AD was wonder if there is a way to do
> linux central authentication without sssd but using pam_krb
> I'm asking this because I've removed mit-krb5 on my testing machine as
> required by samba4 in my gentoo.

Samba 4 AD includes its own KDC (based on Heimdal), but you should be able
to install the MIT krb5 client libs which are what sssd or pam_krb would
require.  Otherwise, surely they would also work with the heimdal client

I don't know how gentoo packages Samba 4, so it might be more or less
tricky, but the main thing to do is avoid installing the MIT KDC.

So without mit-krb5 sssd don't compile.
> So was wonder if there any other solution and how hard it will be.
> I've 2 linux gentoo server will dependent on this central authentication
> (at lease the user Id and the GID have to be correct)
> without the proper UID and GID display, I can still see the number just
> very not convenient and hard to see what I'm doing...
> Thank You

Michael Wood <esiotrot at gmail.com>

More information about the samba mailing list