[Samba] Samba4 AD sssd or pam_krb

Michael Wood esiotrot at gmail.com
Sat Dec 28 01:54:42 MST 2013


Hi

On 24 December 2013 14:12, Chan Min Wai <dcmwai at gmail.com> wrote:

> Dear All,
>
> I was using Samba3 + LDAP central authentication for the pass 5 years.
>
> And since need to move to Samba4 AD was wonder if there is a way to do
> linux central authentication without sssd but using pam_krb
> I'm asking this because I've removed mit-krb5 on my testing machine as
> required by samba4 in my gentoo.
>

Samba 4 AD includes its own KDC (based on Heimdal), but you should be able
to install the MIT krb5 client libs which are what sssd or pam_krb would
require.  Otherwise, surely they would also work with the heimdal client
libs?

I don't know how gentoo packages Samba 4, so it might be more or less
tricky, but the main thing to do is avoid installing the MIT KDC.

So without mit-krb5 sssd don't compile.
>
> So was wonder if there any other solution and how hard it will be.
>
> I've 2 linux gentoo server will dependent on this central authentication
> (at lease the user Id and the GID have to be correct)
>
> without the proper UID and GID display, I can still see the number just
> very not convenient and hard to see what I'm doing...
>
>
> Thank You


-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba mailing list