[Samba] Samba4 AD sssd or pam_krb
Chan Min Wai
dcmwai at gmail.com
Sat Dec 28 07:38:30 MST 2013
I'm on gentoo, as far as I know sssd required mit-krb5 and wouldn't compile
I do hope we can directly use shadow attribute from Samba AD and make it
work like ldap...
But it is missing the access to userpasswd or shadow* attribute...
On Sat, Dec 28, 2013 at 4:54 PM, Michael Wood <esiotrot at gmail.com> wrote:
> On 24 December 2013 14:12, Chan Min Wai <dcmwai at gmail.com> wrote:
>> Dear All,
>> I was using Samba3 + LDAP central authentication for the pass 5 years.
>> And since need to move to Samba4 AD was wonder if there is a way to do
>> linux central authentication without sssd but using pam_krb
>> I'm asking this because I've removed mit-krb5 on my testing machine as
>> required by samba4 in my gentoo.
> Samba 4 AD includes its own KDC (based on Heimdal), but you should be able
> to install the MIT krb5 client libs which are what sssd or pam_krb would
> require. Otherwise, surely they would also work with the heimdal client
> I don't know how gentoo packages Samba 4, so it might be more or less
> tricky, but the main thing to do is avoid installing the MIT KDC.
> So without mit-krb5 sssd don't compile.
>> So was wonder if there any other solution and how hard it will be.
>> I've 2 linux gentoo server will dependent on this central authentication
>> (at lease the user Id and the GID have to be correct)
>> without the proper UID and GID display, I can still see the number just
>> very not convenient and hard to see what I'm doing...
>> Thank You
> Michael Wood <esiotrot at gmail.com>
More information about the samba