[Samba] Question about implementing samba4 cleartext passwords
Dewayne Geraghty
dewayne.geraghty at heuristicsystems.com.au
Thu Jan 31 00:08:40 MST 2013
> -----Original Message-----
> From: samba-bounces at lists.samba.org
> [mailto:samba-bounces at lists.samba.org] On Behalf Of Adrian Stoica
> Sent: Thursday, 10 January 2013 12:22 AM
> To: samba at samba.org
> Subject: [Samba] Question about implementing samba4 cleartext
> passwords
>
> Hello
>
> I want to create a domain using samba4 and from there to
> authenticate users against ad. The challange for me is that i
> have never worked out with domain or with ldap , and that i
> need to use AD users/passwords to authenticate not only the
> domain clients , but the mail users and perhaps the ftp, or
> web users , that are on another linux distro's.
>
> It is possible to implement a AD with samba4, and to retrieve
> user and password from that database for use on ex. dovecot ? How ?
>
> Many thanks,
> Adrian Stoica
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
I'd encourage you to not consider working with plaintext passwords.
A kerberos environment has many security/convenience (for the user) benefits.
I'd suggest that you consider moving your other ftp,web & other services to be kerberised (kerberos-based), which may mean that your
ftp, web software will need a rebuild. (Samba4 AD DC also performs NTLM (v2)).
This will provide some guidance, but it is a long road:
https://wiki.samba.org/index.php/Samba4/beyond
Most (all?) services have kerberos or gssapi features.
Regards, Dewayne
More information about the samba
mailing list