[Samba] Samba 4.2 on RHEL7

Bedynek, Matthew J. bedynekmj at ornl.gov
Thu Jun 23 15:48:40 UTC 2016


I have a system which is configured as follows:

RHEL 7.2 x86_64 with bundled Samba (samba-4.2.10-6.el7_2.x86_64)
Directory services provided by OpenLDAP server.
Active directory is also available.

I would first like to be able to provide user/password authentication via Active directory simply because it would allow the user to access shares without prompting a password if he is already logged into domain from client.

However, I would like to control security by using the user/group information available from OpenLDAP server (not AD).

I am fortunate that username / password in AD and OpenLDAP are synchronized.  However, group membership is not.

I suppose my questions are:

1. Can Samba 4.2 be configured to only use AD for user/password auth? 

(if not)

2. Can Samba 4.2 be configured to use OpenLDAP (via NSS) to authenticate and user/groups?  I realize this would prompt users for passwords.

Thanks for any insight you can provide.


More information about the samba mailing list