[Samba] Samba share authentication using SSSD

John Hixson john at ixsystems.com
Mon Jun 9 16:58:28 MDT 2014


On Sat, Jun 07, 2014 at 05:27:26PM -0400, Nico Kadel-Garcia wrote:
> Separate "account management" from "authentication. LDAP is critical
> for account management, but the underlying authentication is usually
> Kerberos. You've neglected to say what is your base OS, so it's hard
> to be more specific than that, but I'd look at your relevant Kerberos
> setups and test if you can do 'kinit' to add Kerberos tickets.

What I have is just a setup for testing. Everything is running on
FreeBSD and not using kerberos at all. I was trying to achieve share
authentication against the LDAP server without any samba LDAP
configuration.

- John

> 
> On Fri, Jun 6, 2014 at 1:36 PM, John Hixson <john at ixsystems.com> wrote:
> > Hi,
> >
> > Here is my desired configuration:
> >
> > An external LDAP server, Samba 4.1.8 (not configured as a member server
> > or as a domain controller), and SSSD configured with the external LDAP
> > server. Authentication locally and via ssh works fine using pam_sss.so.
> > When attempting to authenticate a share on windows using an LDAP users
> > credentials, the request fails with NT_STATUS_ACCESS_DENIED. I'd like to
> > do this without configuring samba at all to use LDAP, is this possible?
> >
> > - John
> > --
> > To unsubscribe from this list go to the following URL and read the
> > instructions:  https://lists.samba.org/mailman/options/samba


More information about the samba mailing list