[Samba] samba4, with existing krb5 and ldap

lux-integ lux-integ at btconnect.com
Fri Nov 1 04:28:10 MDT 2013


I bave  a linux-running-computer  acting as a KDC.  It has :-  
OS--blfs linux gcc-4.8.1 linux-3.10.17, krb5-1.11.2, openldap-2.4.35, cyrus-

my /etc/krb5.conf has  :-

  openldap_ldapconf = {
      db_library = kldap
      ldap_kerberos_container_dn = cn=krbcontainer,dc=somewhere,dc=com
      ldap_kdc_dn = "cn=kdc-service,dc=somewhere,dc=com"
	  # this object needs to have read rights on
	  # the realm container and principal subtrees
      ldap_kadmind_dn = "cn=adm-service,dc=somewhere,dc=com"
	  # this object needs to have read and write rights on
	  # the realm container and principal subtrees
      ldap_service_password_file = /etc/krb5/service.keyfile
      ldap_servers = ldaps://machine1.somewhere.com 
      ldap_conns_per_server = 5

in otherwords ldap uses krb5 for authentication
(AND it  took me ages to work out and test the krb5.conf and have ldap and 
cyrus and bind all working together )

NOW I want to use the machine as a domain controller and install samba4 
thereon.  I learnt that samba4 has a bundled ldap  and cant use the ldap 
already installed.

The question is could I still use the /etc/krb5.conf (excerpt thereof above) 
as is  or would there be a conflict with  the bundled ldap in samba4
OR is it possible to configure samba4 to use the ldap already installed?


Advice /suggestions   will be greately appreciated


More information about the samba mailing list