[Samba] Samba4 UNIX password sync
Rowland Penny
rowlandpenny at googlemail.com
Fri Nov 14 10:27:35 MST 2014
On 14/11/14 16:49, Rob Mason wrote:
> Hi List,
>
> I am trialling a small Samba4 AD server supporting 10 users (running
> fine). I also have exim smtp and dovecot imap running on the same
> Debian Wheezy box. Simplistically, what I would like to achieve is for
> an AD user account to also authenticate to imap and smtp using the same
> credentials. I previously used Samba3 'unix password sync' to ensure
> that any domain users were automatically created a unix account. This
> doesn't seem supported any more?
In the 'Good old days' you had Unix users & windows users and if a
windows user connected to a Unix box, they also had to be Unix users,
this is where 'unix password sync' came in. Now, with a Samba4 AD DC,
you just have domain users, you need to find out how to get exim &
dovecot to auth to AD, a quick google turned this up:
https://inutility.net/exim-dovecot-mailserver-with-active-directory/
If you are going to use S4 AD, I would suggest that you follow the
advised route and just use the AD server for auth and install a separate
member server.
Rowland
>
> I believe I now need winbind to support this? If so, then
> "https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server"
> doesn't work on my Debian Wheezy box - I don't see libnss_winbind.so on
> my system. And 'apt-get install winbind' says I'm already on the
> latest version...
>
> Anyone any pointers on the best approach?
>
> smb.conf:
>
> # Global parameters
> [global]
> workgroup = ACASTA
> realm = ACASTA.INTRA
> netbios name = KEPLER
> server role = active directory domain controller
> dns forwarder = 192.168.100.1
> idmap_ldb:use rfc2307 = yes
>
> [netlogon]
> path = /var/lib/samba/sysvol/acasta.intra/scripts
> read only = No
>
> [sysvol]
> path = /var/lib/samba/sysvol
> read only = No
>
More information about the samba
mailing list