[Samba] Samba not working with sssd on CentOS 6.5

AndreiV andreiv3103 at gmail.com
Thu Sep 25 02:38:06 MDT 2014


I am sorry for the inaccurate information or questions. I am trying to learn
more about Samba and I am doing that while setting up some servers.

It is true that I should have red the manual first, but I a little bit under
pressure. :D
But with the comments I got from everyone I think I finally started to
understand how things work.

I was just digging through the samba wiki page and doing some tests when I
saw the e-mail from Rowland explaining exactly what I just understood. Here
is how I see things now, please correct me if I am wrong.

There is no direct connection between sssd and samba. As Rowland said, they
are different things. But why then setting up sssd makes Samba work
(perfectly on CentOS 7 and mostly on CentOS 6.5)?
The sssd setup process involves first joining the server to a AD domain
(using adcli), which in turn creates the keytab.
The next step is configuring the kerberos client to use the same AD
(/etc/krb5.conf)
The next config step is achieved with this command: authconfig --enablesssd
--enablesssdauth --update that sets nsswitch and pam.
And the last step is to configure the sssd service (/etc/sssd/sssd.conf).

The connection with samba is getting the keytab and setting up the kerberos
client. Samba, when set to security = ads seems to use the kerberos client
on the system to authenticate clients. This happens on both CentOS 6.5 and
7. Without any winbind! I don't know why, but this works.

With one problem though on CentOS 6.5. My original issue: the server can be
accessed only thorugh \\sambaserver and not through \\sambaserver_IP. On
CentOS 7 both access methods work.

Does anyone have any idea why?



--
View this message in context: http://samba.2283325.n4.nabble.com/Samba-not-working-with-sssd-on-CentOS-6-5-tp4673186p4673209.html
Sent from the Samba - General mailing list archive at Nabble.com.


More information about the samba mailing list