[Samba] Samba share authentication using SSSD
john at ixsystems.com
Mon Jun 9 17:01:48 MDT 2014
On Sun, Jun 08, 2014 at 01:57:28PM +1200, Andrew Bartlett wrote:
> On Fri, 2014-06-06 at 10:36 -0700, John Hixson wrote:
> > Hi,
> > Here is my desired configuration:
> > An external LDAP server, Samba 4.1.8 (not configured as a member server
> > or as a domain controller), and SSSD configured with the external LDAP
> > server. Authentication locally and via ssh works fine using pam_sss.so.
> > When attempting to authenticate a share on windows using an LDAP users
> > credentials, the request fails with NT_STATUS_ACCESS_DENIED. I'd like to
> > do this without configuring samba at all to use LDAP, is this possible?
> By what process do you expect Samba to obtain the NT password hash, or
> to forward the NTLM response, what what would do the NTLM calculation to
> verify it?
I don't know, this is why I am asking of this is possible ;-) I'm not
really clearly on how samba authentication fully works. I've done some
googling but didn't get very far, at least in finding the fine grained
details like this that one needs to know.
> Andrew Bartlett
> Andrew Bartlett http://samba.org/~abartlet/
> Authentication Developer, Samba Team http://samba.org
> Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba