[Samba] Samba AD DC autenticated by non-AD Kerberos (~ Re: Samba authentication using non-AD Kerberos?)

Rowland Penny rpenny at samba.org
Thu Apr 20 13:46:24 UTC 2017

On Thu, 20 Apr 2017 07:32:16 -0600 (MDT)
S P Arif Sahari Wibowo via samba <samba at lists.samba.org> wrote:

> On 2017-04-20, 03:35, Andrew Bartlett via samba wrote:
> > I think you really want to move to Samba as an AD DC.
> In that case, how can I setup a Samba AD DC which has its 
> authentication came from another non-AD Kerberos service? 
> Preferably in a separate server from the Kerberos service.

I don't think you can.

> I also have a LDAP service synchronized with the Kerberos 
> service, but I cannot have the old solution where AD user 
> passwords are stored separately in LDAP field. In general I 
> cannot use solution where AD user passwords are stored 
> separately from and need to be synchronized with LDAP / Kerberos 
> user passwords.

You normally use AD for the users passwords and get your service to use
AD for authentication, just what do you need to get to work with AD, a
mailserver or squid or something else ?


More information about the samba mailing list