[Samba] Authenticating other services against AD - PAM and Postgres - dedicated user
jakkul at gmail.com
Thu Mar 5 01:54:53 MST 2015
I've got a samba4 pdc, fileserver and whatnot running now for a few months,
a number of users logs in there daily, everyone seems quite happy about it
I've migrated my environment from samba3 NTdomain, where I had LDAP backend
for users and I used that to authenticate other services against it: like
pam on other servers and postgres DBs. I have succesully managed to do this
as well using Samba4 and this howto:
chapter openLDAP proxy to AD. But I had to leave administrator credentials
on the server for the PAM and PAM on Postgres to work.
Question: what is your recommendation on creating a samba user, that is
only allowed to list users and groups for the sole purpose of connecting
through OpenLDAP proxy to PAM?
More information about the samba