[Samba] AD authentication on samba server using sssd
shridhar shetty
shridhar.sanjeeva at gmail.com
Thu Jun 16 16:15:10 UTC 2016
I got samba to work with sssd finally. :)
Wanted to share so that it could help someone with debugging.
I was trying to access the fileserver using IP address which was failing.
It worked when using hostname to connect to the fileserver.
Short explanation
* When accessing samba fileserver using hostname, kerberos authentication
kicks in, which works fine as expected.
* But when accessing samba fileserver using ip address, kerberos
authentication fails and falls back to NTLM. (NTLM is not supported in SSSD
yet)
Thanks
On Thu, Jun 16, 2016 at 10:30 AM, shridhar shetty <
shridhar.sanjeeva at gmail.com> wrote:
> Well thanks.
> Will post it on the sssd list.
>
> On Wed, Jun 15, 2016 at 11:36 PM, Rowland penny <rpenny at samba.org> wrote:
>
>> On 15/06/16 18:24, shridhar shetty wrote:
>>
>>> I am trying to run samba with sssd service and AD authentication.
>>> I have joined the linux server to the AD domain using realmd and using
>>> sssd
>>> to authenticate to the AD. I am able to get user list from AD using
>>> "getent
>>> passwd <username>".
>>> The samba servers starts but i am unable to get the authentication
>>> working.
>>>
>>> I referred the samba dos for centos7 and also installed
>>> sssd-libwbclient.
>>>
>>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/sssd-ad-integration.html
>>>
>>> Any pointers would be appreciated. thanks :)
>>>
>>
>> Yes, try asking on the sssd mailing list, they should be able to give you
>> better help than here, sssd has nothing to do with Samba.
>> If you want to use winbind instead, then this is the place to ask.
>>
>> Rowland
>>
>>
>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>
>
More information about the samba
mailing list