[Samba] Using Samba4 AD to authenticate users of other Linux services (SSH, Mail, etc.)
L.P.H. van Belle
belle at bazuin.nl
Fri Jul 8 06:46:09 UTC 2016
> For Samba4 AD, I see mentions of pam-winbind, pam-sss, sssd, kerberos, and
> don't
> quite understand which of these I actually need.
Its your party... and,., you forgot pam-ldap ;-)
You need to set UID/GIDs on the users and groups.
And you need to make sure these users have a home dir.
I choose kerberos for my linux auth.
Per example for ssh, if you install ssh-krb5 in debian,
you can use the AD-AC users to login on the linux systems.
Look here : https://wiki.samba.org/index.php/User_Documentation
Bit on the bottem there are some examples.
Like : https://wiki.samba.org/index.php/OpenSSH_Single_sign-on
If you run pam-auth-update you can see the pam selected things.
Hope this helps you a bit.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens MI
> Verzonden: donderdag 7 juli 2016 22:07
> Aan: Samba List
> Onderwerp: [Samba] Using Samba4 AD to authenticate users of other Linux
> services (SSH, Mail, etc.)
>
> I'm confused about how to authenticate users of other Unix services with
> Samba4 AD.
>
> After trying the classic upgrade on a test server, I can use smbclient.
> However,
> "getent passwd" doesn't show the users, and I'm not sure what I have to do
> now.
>
> On the live machines, I have openldap, pam-ldapd and nslcd running to
> authenticate
> users of Samba 3 as well as ssh, postfix, dovecot, apache, mediawiki,
> postgresql, etc.
>
> For Samba4 AD, I see mentions of pam-winbind, pam-sss, sssd, kerberos, and
> don't
> quite understand which of these I actually need.
>
> The point is to use the Samba4 AD-DC to authenticate users for the other
> Linux
> services, including on other machines which may not be running Samba.
> Particularly
> for SSH and mail.
>
> All the Linux machines run Debian 8.
>
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list