[Samba] Joining a domain
chrisstankevitz at gmail.com
Thu Mar 12 10:39:50 MDT 2015
On Thu, Mar 12, 2015 at 2:25 AM, Rowland Penny
<rowlandpenny at googlemail.com> wrote:
>> I'm sorry for being so daft, but I am asking you if I need/want to
>> join the domain. I do not know the answer. Reminder of my scenario:
>> samba is sharing files and users provide their Active Directory
>> usernames and passwords to log into to samba. I will call this
>> "Scenario A".
> If you want to use usernames & passwords then you can do this at least two
> A) create all the required users on the computer and run it as a standalone
> B) join the computer to the domain and use the DC's for authentication
Thank you for educating me.
I have my samba setup working as you have described, but I will ask a
question for "academic" purposes -- just so I can better understand
what is happening. Please feel free to refer me to a
book/site/article/source_code that spells out what is happening.
Couldn't samba act as a "proxy", not join the windows domain, but
still authenticate via AD?
1. samba shares files without joining AD.
2. A user "logs in" to samba by presenting an AD username/password
3. samba, not being joined to the domain still finds a "domain
controller" and submits the credentials.
4. the "domain controller" responds PASS or FAIL
5. samba allows access as appropriate, perhaps mapping to a valid UID
I am trying to understand what is happening, I am not trying to insult
samba or it's code or its way of doing things.
More information about the samba