[Samba] AD-Integration of Samba4 AD DC machine itself?
Sven Geggus
lists at fuchsschwanzdomain.de
Wed Mar 12 09:34:36 MDT 2014
Hello,
I have quite some experiance integration Linux Machines into AD
(mostly the M$ one up to now).
But now I have a Samba AD DC, which works fine so far.
If I understand this correctly, the server itself does not need to be "part"
of the domain itself as far as user administration is concerned, right?
For using nss-ldapd I would need a valid /etc/krb5.keytab instead of the
samba4 integrated database for kerberos principals.
Can I do the following:
1. run "samba-tool domain exportkeytab /etc/krb5.keytab"
2. stop samba: /etc/init.d/samba stop
3. add "kerberos method = system keytab" to /etc/samba/smb.conf
4. start samba: /etc/init.d/samba start
If so will users and computers added in futuere end up in /etc/krb5.keytab
as expected?
Furthermore, which tool can I use to duplicate the "MACHINE$@REALM"
prinzipal of my DC to the Unix style name style host/machine at REALM?
Regards
Sven
--
The main thing to note is that when you choose open source you don't
get a Windows operating system.
(from http://www.dell.com/ubuntu)
/me is giggls at ircnet, http://sven.gegg.us/ on the Web
More information about the samba
mailing list