[Samba] Workstations are member servers (or domain members) Re: Samba AD PDC , LDAP and Single-Sign-On
Andrew Bartlett
abartlet at samba.org
Fri Oct 9 19:23:23 UTC 2015
On Thu, 2015-10-08 at 18:08 -0400, Mark Foley wrote:
> On Thu, 8 Oct 2015 15:46 Sketch wrote:
>
> > It's easy in Linux with Samba as well. You basically just need to
> > follow
> > the directions here:
> >
> > https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
>
> Thanks for the feedback. OK, I'll check out your link ASAP. The
> "Server" bit
> in the link gives me pause. I *have* a Samba4 AD/DC "server"
> already. I think
> the linux workstations need to be "clients", but maybe this is just a
> matter of
> semantics. I'll research.
In short, workstations are member servers too.
I do thank you for pointing out the gap in our naming scheme here -
indeed we deviate a little from the common usage by saying 'member
server' not 'domain member', but I can confirm that a linux-installed
laptop and a windows-installed laptop desiring single-sign-on from the
login prompt should be configured as 'domain members' or as we put it
in that link, 'member servers'.
The main difference between use as a file server vs use as a desktop,
is that pam_winbindd is mandatory for the Samba method (see elsewhere
for using sssd or other tools), as that will get you you the desktop
login.
I hope this clarifies things,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list