[Samba] Samba authentication using non-AD Kerberos?

Rowland Penny rpenny at samba.org
Thu Apr 27 13:41:00 UTC 2017

On Thu, 27 Apr 2017 07:17:22 -0600 (MDT)
S P Arif Sahari Wibowo via samba <samba at lists.samba.org> wrote:

> My requirement is simple, we have existing OpenLDAP and Kerberos 
> authentication system, and I want MS Windows to be able to mount 
> shares from my server using credentials from that authentication 
> system. In the old days (Samba 3), it can use LDAP for login but 
> doing that by storing password in LDAP field using unsecure 
> encryption, and I cannot do that now. I thought now with Samba 4 
> it will be possible to do with Kerberos.

You probably could use Samba 4 in the same way as you used Samba 3,
but then it wouldn't be AD.

What you are trying to do isn't easy, if it was, Microsoft wouldn't
have gone to all the trouble of creating AD.

You are not the first to try and get AD to work with your setup,
rather than getting your setup to work with AD. Believe me, it will be
easier to do the later rather than the former.


More information about the samba mailing list