[Samba] Samba not working with sssd on CentOS 6.5

AndreiV andreiv3103 at gmail.com
Thu Sep 25 02:38:06 MDT 2014

I am sorry for the inaccurate information or questions. I am trying to learn
more about Samba and I am doing that while setting up some servers.

It is true that I should have red the manual first, but I a little bit under
pressure. :D
But with the comments I got from everyone I think I finally started to
understand how things work.

I was just digging through the samba wiki page and doing some tests when I
saw the e-mail from Rowland explaining exactly what I just understood. Here
is how I see things now, please correct me if I am wrong.

There is no direct connection between sssd and samba. As Rowland said, they
are different things. But why then setting up sssd makes Samba work
(perfectly on CentOS 7 and mostly on CentOS 6.5)?
The sssd setup process involves first joining the server to a AD domain
(using adcli), which in turn creates the keytab.
The next step is configuring the kerberos client to use the same AD
The next config step is achieved with this command: authconfig --enablesssd
--enablesssdauth --update that sets nsswitch and pam.
And the last step is to configure the sssd service (/etc/sssd/sssd.conf).

The connection with samba is getting the keytab and setting up the kerberos
client. Samba, when set to security = ads seems to use the kerberos client
on the system to authenticate clients. This happens on both CentOS 6.5 and
7. Without any winbind! I don't know why, but this works.

With one problem though on CentOS 6.5. My original issue: the server can be
accessed only thorugh \\sambaserver and not through \\sambaserver_IP. On
CentOS 7 both access methods work.

Does anyone have any idea why?

View this message in context: http://samba.2283325.n4.nabble.com/Samba-not-working-with-sssd-on-CentOS-6-5-tp4673186p4673209.html
Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list