[Samba] Linux machine to join Samba Domain
steve
steve at steve-ss.com
Sat Mar 29 07:03:31 MDT 2014
On Sat, 2014-03-29 at 17:50 +0530, vikas wrote:
> On Tuesday 18 March 2014 08:32 PM, Sven Schwedas wrote:
> > On 2014-03-18 15:48, vikas wrote:
> >> hi.. all...
> >>
> >> can some one help me understanding how to add linux (mostly ubuntu,suse
> >> etc)
> >>
> >> what exactly i am looking for is what one should do on linux machine
> >> like editing /etc/nssswitch.conf, pam related file etc..but i dont find
> >> any standard way where one can add any linux machine to samba domain
> > Because there isn't any. :-)
> >
> >> my goal is to just get authenticate through Samba
> > There's several ways for that…
> >
> > • Use winbindd. This is probably the most direct equivalent to Windows'
> > "domain join". It's also crap and only has very limited features right
> > now (Shell, home etc. aren't read from AD, but statically configured).
> >
> > • Use pam_ldap, and nss_ldap, and pam_ccreds, and probably half a dozen
> > other ill-documented tidbits and not-quite-sufficient software bits and
> > stitch together a working environment. It's as flexible as it's error
> > prone, but should work with all corner cases and distributions. Eventually.
> >
> > • Use sssd. It's made by RedHat and should be the default for CentOS,
> > and works sufficiently well with Samba. Needs a bit more client-side
> > configuration than winbind iirc, but actually uses the provided AD
> > information like shell and home dir.
> >
> >
> >> Windows machine are successful getting connected to samba with all
> >> policy working like USB disable through regedit, disable drives etc.
> >
> > All of these provide authentication only, though. There's no policy
> > support, you'd need to use some other sync/deployment method for PolKit
> > et. al. (and can't configure them via AD, as far as I know).
> >
> >
>
> Hi..all
> i am trying to authenticate linux machine to samba4 for which i am
> trying very hard to do using below mention links
> http://linuxcostablanca.blogspot.com.es/2013/04/ubuntu-client-for-samba4.html
> http://zachbethel.wordpress.com/2013/04/10/linux-ldap-authentication-with-samba4/
>
> using linuxcosta link i was somewhat near to success(joined domain ) but
> not able to login using domain user the only error it was showing was
> could not contact to ldap server (on local machine) . On server there
> was no error activity.
OK, you you've joined the domain but can't authenticate? Please post:
-smb.conf
-/etc/krb5.conf
-the output of:
klist -ke /etc/krb5.keytab
-/etc/nslcd.conf
-/etc/nsswitch.conf
And we'll get you authenticated.
Cheers,
Steve
More information about the samba
mailing list