[Samba] Authenticating against Samba 4 AD LDAP service
Konstantin Boyandin
lists at boyandin.info
Wed Sep 5 08:46:04 UTC 2018
Hello,
One of Samba 3 -> Samba 4 migration task I am solving is changing
authentication against new Samba 4 AD domain.
Existing services use LDAP directory of Samba 3 to authenticate. The
simplest way to go would be just to replace LDAP credentials; however, I
don't quite understand which LDAP credentials to use/how to create them
for Samba 4 AD.
Sample command against Samba 4 LDAP service:
# ldapsearch -D "cn=Manager,dc=company,dc=lan" -w [password] -H
ldap://10.100.0.4 -b "dc=ad-lan,dc=com" -s sub "(objectclass=*)"
returns
ldap_bind: Strong(er) authentication required (8)
additional info: BindSimple: Transport encryption required.
I would appreciate a link to possible source of wisdom, or explanations
in here.
Note: I can do searches using Kerberos authentication on Samba 4
installation, like this:
# kinit administrator
# ldbsearch -H ldap://dc.ad-lan.com -k yes '(objectclass=person)'
but Kerberos is not an option for some existing services.
Sincerely,
Konstantin
More information about the samba
mailing list