[Samba] NSLCD works, do I need RFC2307 extensions enabled in AD as well?
Rowland Penny
rowlandpenny at googlemail.com
Mon Apr 20 15:01:48 MDT 2015
On 20/04/15 21:50, john wrote:
> Thank you Rowland, so it looks like kerberos should be my
> authentication method and that I'll need to install rfc2307 extensions
> in my Active Directory environment in order to use your approach. Your
> approach supports UPN names for access to shares and It also appears
> that I won't need to use nslcd at all. Does all of that sound correct
> to you?
>
> Thanks again!
>
> John
>
> On Mon, Apr 20, 2015 at 1:17 PM, Rowland Penny
> <rowlandpenny at googlemail.com> wrote:
>
>
>>> it seems like the missing part is getting winbind to use that information.
>>> Can you guide me on the proper approach?
>>>
>>> Thanks!
>>>
>>> John
>>
>> OK, have a look here: https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
>>
>> That is basically my smb.conf (and when I say 'my' I really mean that is 'my' smb.conf)
>>
>> Rowland
I can only say that it works as I suggested against a samba AD DC (and I
tried it both ways) and I don't use anything other than samba for
authentication.
I would suggest you try it on a test set up in a VM and if it works, go
to production.
Rowland
More information about the samba
mailing list