[Samba] Joining a domain

Chris Stankevitz chrisstankevitz at gmail.com
Thu Mar 12 10:39:50 MDT 2015


On Thu, Mar 12, 2015 at 2:25 AM, Rowland Penny
<rowlandpenny at googlemail.com> wrote:
>> I'm sorry for being so daft, but I am asking you if I need/want to
>> join the domain.  I do not know the answer.  Reminder of my scenario:
>> samba is sharing files and users provide their Active Directory
>> usernames and passwords to log into to samba.  I will call this
>> "Scenario A".
>>
>
> If you want to use usernames & passwords then you can do this at least two
> ways:
> A) create all the required users on the computer and run it as a standalone
> server
> B) join the computer to the domain and use the DC's for authentication

Thank you for educating me.

I have my samba setup working as you have described, but I will ask a
question for "academic" purposes -- just so I can better understand
what is happening.  Please feel free to refer me to a
book/site/article/source_code that spells out what is happening.

Couldn't samba act as a "proxy", not join the windows domain, but
still authenticate via AD?

1. samba shares files without joining AD.

2. A user "logs in" to samba by presenting an AD username/password

3. samba, not being joined to the domain still finds a "domain
controller" and submits the credentials.

4. the "domain controller" responds PASS or FAIL

5. samba allows access as appropriate, perhaps mapping to a valid UID

I am trying to understand what is happening, I am not trying to insult
samba or it's code or its way of doing things.

Thank you,

Chris


More information about the samba mailing list