[Samba] use linux user account information on samba

Michael Stockenhuber mcs at catalysis.at
Sun Mar 13 06:44:17 UTC 2016 

Hi,
Thank you for the quick reply. I have gone through the samba wiki in particular
the section on nslcd with kerberos, all the setup of dc and member server to no
avail.  Nothing is obviously wrong for example "getent passwd" gives me all the
linux users nd also the Samba users with "DOMAIN\username" names.
Now if I do:
smbclient //server/netlogon -U"linux_user" -c 'ls'
Enter Linux_user's password: 
Domain=[DOMAIN] OS=[Unix] Server=[Samba 4.1.17-Debian]
tree connect failed: NT_STATUS_ACCESS_DENIED

If I do

smbclient //server/netlogon -U"samba_user" -c 'ls'
Enter samba_user's password: 
Domain=[Domain] OS=[Unix] Server=[Samba 4.1.17-Debian]
  .                                   D        0  Mon Jul 13 21:40:02 2015
  ..                                  D        0  Sat Mar 12 14:05:28 2016

		46672 blocks of size 524288. 20658 blocks available

On question 4, I use a separate ldap server which also serves nfs4.
Any ides?
Thanks for the help
Cheers
Michael 


> On March 12, 2016 at 7:51 PM Rowland penny <rpenny at samba.org> wrote:
> 
> 
> On 11/03/16 22:21, michaels wrote:
> > Dear list,
> > I am having real trouble using the linux authentication system with samba. I
> > have a configured kerberos and ldap server and authenticate in linux using
> > nslcd. nfs4 works fine in the linux world. Unfortunately, I am forced :( to
> > have
> > some windows machines which are supposed to connect to linux fileservers.
> >  If I
> > understand correctly, I can use sssd on the samba ad domain controller to
> > "glue"
> > the authentication between samba and the POSIX system. I used principally
> > the
> > ubuntu single sssd configuration (
> > https://help.ubuntu.com/community/SingleSignOn) but tried many many other
> > configurations. I also tried winbind to no avail. If I create a user in the
> > local samba database I can access shares via smbclient:
> >
> > smbclient //server/netlogon -Uusername -c 'ls'
> >
> > A few questiosn:
> >
> > 1) is it actually possible to authenticate a user with the linux
> > authentication
> > system to access samba shares?
> 
> Yes
> 
> > 2) If so can someone give me general directions and any good howtos's or
> > wiki
> > pages
> 
> Well, I suppose a good place to start would be the Samba wiki : 
> https://wiki.samba.org/index.php/Main_Page
> 
> > 3) Is the authentication for a smba share happening on the server or the DC?
> 
> Well both, you connect to the share and then authenticate to the DC.
> 
> > 4) I was wondering if my ldap setup has anything to do with this? I am not
> > terribly keen on changing ldap since I cannot say I understand ldap well.
> 
> When you say ldap, do you mean a separate ldap server, or the ldap built 
> into your samba AD DC ?
> 
> Rowland
> 
> >
> > Hope someone can give me directions.
> > Cheers
> > Michael
> >
> 
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list