[Samba] Authentification against kerberos / sssd
Rowland Penny
rpenny at samba.org
Tue Dec 11 14:23:33 UTC 2018
On Tue, 11 Dec 2018 15:09:39 +0100
tseegerkrb via samba <samba at lists.samba.org> wrote:
> Hello list,
>
> a quick question. Right now I have a combination of MIT Kerberos,
> OpenLDAP and SSSD for authenticating my users. Is there a way that
> Samba can use this setup to perform user authentication. I only want
> to access the shares of the Samba server from about 8 Windows
> computers. I am aware that I cannot make an Active Directory out of
> this.
>
> At the moment I have stored the users in a local passdb, which works
> but is very unpleasant.
>
That is why Microsoft came up with domains ;-)
If you look at Active Directory, it is basically composed of kerberos,
ldap and dns., so you can replace your kerberos and ldap servers with a
Samba AD DC, this also come with winbind which will replace sssd.
There is just one possible fly in the ointment, you mention MIT & sssd,
is this using a red-hat OS ?
If it is, you cannot use the OS packages to create an AD DC, or if you
can (Fedora), it shouldn't be used in production.
Rowland
More information about the samba
mailing list