[Samba] Join an ADS Domain and provide simple password security

TAKAHASHI Motonobu monyo at monyo.com
Sun Oct 12 05:20:00 MDT 2014


Hello, 

From: Ingo Krabbe <ingo.krabbe at eoa.de>
Date: Sat, 11 Oct 2014 11:02:24 +0200

> I'm used to share some files and trees with samba from linux boxes, using
> simple password security for a few selected accounts, by using
> `smbpasswd` and `security=user`. Now I sometimes want to enter a domain
> in my company office network.
> 
> But I could not use `net ads join` as long as I haven't changed
> `security=user` to `security=ads`.
> 
> I'm a bit confused now:
> 
> I joined a domain with security=ads and started winbindd with this setting. Now I moved my samba configuration back to `security=user` so I can use my local user accounts.
> 
> Still winbind echoes the domain users and smbtree shows the domain hosts,
> but the share server now works in another domain, that is local to the
> system it runs on.
> 
> Is this configuration valid, or will it fail?
valid.

smbtree always shows all hosts of all domain/workgroup properly configures
in the subnet.
And stop winbindd if you use Samba with "security = user".

> What is the idea of joining a domain anyway?
> 
> Can I join an ads domain with the linux host and provide 'security =
> user' shares on the same machine? If yes, how?

Use 'HOSTName\UserName' style to access the Samba server joined to an ads
domain, you can authenticate as the host's local user.

---
TAKAHASHI Motonobu <monyo at monyo.com> / @damemonyo 
                   facebook.com/takahashi.motonobu



More information about the samba mailing list