[Samba] Samba4 AD

Rowland penny rpenny at samba.org
Sun Feb 7 18:09:06 UTC 2016 

On 07/02/16 16:18, Alessandro Baggi wrote:
> Il 07/02/2016 17:07, Rowland penny ha scritto:
>> On 07/02/16 15:39, Alessandro Baggi wrote:
>>>>>
>>>>
>>>> Follow the information you will find here:
>>>> https://wiki.samba.org/index.php/Setup_Samba_as_an_AD_Domain_Member
>>>>
>>>> Rowland
>>>>
>>>
>>> Thank you Rowland for your answer.
>>> I've ridden this doc, correct me if I'm wrong, but It explain how to
>>> join a domain for workstation/fileserver/other. After configuring and
>>> joining the domain, winbind in nsswitch.conf permit to see other user
>>> on the new member machine. So if you need to set permission you can.
>>>
>>>
>>>
>>> I don't want join a DC from a file-server on separated machine, I want
>>> serve share-resource located on the same machine where AD DC is
>>> configured.
>>> Samba4 can serve as AD DC and file server in the same time?
>>>
>>> It is possible?
>>>
>>>
>>>
>>>
>>
>> The page is written for a domain member, but you can use some of the
>> info on a DC, What you will need to check is if the libnss links are
>> setup and if 'winbind' is in /etc/nsswitch.conf.
>>
>> You may need another file, but we will cross that bridge if and when we
>> come to it.
>>
>> It is not recommended to use the DC as a fileserver, but you will not be
>> the only one who does :-)
>>
>> What OS are you using.
>>
>> Rowland
>>
>>
>
> I'm using Centos7 but with sernet packages.
>
> How to check if libnss links are setup? I've already configure 
> nsswitch.conf with winbind but user does not appears using getent.
>

The information is on the wiki page I pointed to earlier, but you may 
have missed the link to this page:

https://wiki.samba.org/index.php/Libnss_winbind_links

I use debian (well, Devuan really) and you can set up PAM by just adding 
a file, but my understanding is that Centos doesn't work in the same 
way, you have to manually set up PAM yourself or by using something 
called authconfig ?? I suggest you search google (other search providers 
are available) for how to use it.

What you are trying to do is possible, you just need to get the setup 
correct.

Rowland

More information about the samba mailing list