[Samba] PAM only and Kerberos...
Marco Gaiarin
gaio at sv.lnf.it
Mon May 28 13:23:42 UTC 2018
In my old Samba/NT/OpenLDAP domains i was used to setup, on some
specific hosts/VM, a simple authentication scheme, so i simply create
locally (eg 'adduser') some users, and then i setupped only PAM part
of ldap.
Seems to me now, on Samba/AD, to use Kerberos. And seems also TOO easy!
I've simply installed 'libpam-krb5', reply to the debconfig question
wit the AD/Kerberos domain/realm and... voilĂ , works as expected. Cool!
;-)
But, lacking some docs on samba wiki, i've some question more:
a) i suppose that Kerberos use DNS to resolve servers; in a complex
setup there's some way to have kerberos use the servers from the same
site?
b) i use the same setup in firewalls, that have no knowledge of
internal DNS. There's some way to setup kerberos authentication with
'no DNS'?! EG, putting some info on /etc/hosts?!
Thanks.
--
dott. Marco Gaiarin GNUPG Key ID: 240A3D66
Associazione ``La Nostra Famiglia'' http://www.lanostrafamiglia.it/
Polo FVG - Via della BontĂ , 7 - 33078 - San Vito al Tagliamento (PN)
marco.gaiarin(at)lanostrafamiglia.it t +39-0434-842711 f +39-0434-842797
Dona il 5 PER MILLE a LA NOSTRA FAMIGLIA!
http://www.lanostrafamiglia.it/index.php/it/sostienici/5x1000
(cf 00307430132, categoria ONLUS oppure RICERCA SANITARIA)
More information about the samba
mailing list