[Samba] samba4, with existing krb5 and ldap
lux-integ
lux-integ at btconnect.com
Fri Nov 1 04:28:10 MDT 2013
Greetings,
I bave a linux-running-computer acting as a KDC. It has :-
OS--blfs linux gcc-4.8.1 linux-3.10.17, krb5-1.11.2, openldap-2.4.35, cyrus-
sasl-2.4.26,bind-9.9.4,ntp4.2.7
my /etc/krb5.conf has :-
[dbmodules]
openldap_ldapconf = {
db_library = kldap
ldap_kerberos_container_dn = cn=krbcontainer,dc=somewhere,dc=com
ldap_kdc_dn = "cn=kdc-service,dc=somewhere,dc=com"
# this object needs to have read rights on
# the realm container and principal subtrees
ldap_kadmind_dn = "cn=adm-service,dc=somewhere,dc=com"
# this object needs to have read and write rights on
# the realm container and principal subtrees
ldap_service_password_file = /etc/krb5/service.keyfile
ldap_servers = ldaps://machine1.somewhere.com
ldaps://machine2.somewhere.com
ldap_conns_per_server = 5
}
in otherwords ldap uses krb5 for authentication
(AND it took me ages to work out and test the krb5.conf and have ldap and
cyrus and bind all working together )
NOW I want to use the machine as a domain controller and install samba4
thereon. I learnt that samba4 has a bundled ldap and cant use the ldap
already installed.
The question is could I still use the /etc/krb5.conf (excerpt thereof above)
as is or would there be a conflict with the bundled ldap in samba4
OR is it possible to configure samba4 to use the ldap already installed?
OR
OR
Advice /suggestions will be greately appreciated
sincerely
luxInteg
More information about the samba
mailing list