[Samba] How to configure samba to use LDAP/Kerberos authentication without using winbind?

Steven Fu xiaofeifu at gmail.com
Fri May 20 00:06:44 UTC 2016

We have a environment that the we cannot(don't want to) use winbind to join
samba server to the win2003 AD(with LDAP RFC2307bis Schema and uid/gid
setup for users).
We managed to get the linux (CentOS) to accept windows domain user ssh to
it(with nss/nslcd/kerberos settings).
But couldn't make samba server to use the same way to serve windows domain

Found this page:
But couldn't get it working.

Also found this page:
which had information that is quite similar to what we are trying to do,
but was deleted saying "After internal discussions, we only provide support
for winbind"

So now the questions are:
1. Does Samba has a way to support using LDAP/Kerberos without winbind.
2. If yes, where I can find a step-by-step guide on how to do it.

(ps: please don't suggest using sssd or realm join, we know those maybe the
right way to go in the future, but its not for this environment right now.)


More information about the samba mailing list