[Samba] External Authentication

Rowland Penny rpenny at samba.org
Fri Apr 12 17:18:17 UTC 2019

On Fri, 12 Apr 2019 09:51:44 -0700
Vex Mage <dosmage at gmail.com> wrote:

> Even if I am still thinking in the past it doesn't invalidate the
> problem I came here to get guidance on. Instead I just get talked
> down to by some or others don't even read the situation I'm trying to
> solve.
> I don't need it to work like it used to in the NT4 sense. I don't
> need to use NT4 protocols. I'm just in need of not having Samba4
> write in all of its documentation that forklift replacing your
> central authentication server is the only way to move forward. Wasn't
> the design goal to make it compatible in a Unix environment in the
> first place?
> How am I holding back Samba? I have a central LDAP server I have no
> control over 

That is the first time you have said that, I thought you had total
control over the entire system.

You need to bring to the attention of whoever does have control over
the ldap Samba3 server, that it is insecure and unsupported and if they
don't do something about it and they get hit by malware, it will be
their fault.

>but yet Samba4 requires me to replace it. 

No it doesn't, you can use Samba4 just like you use Samba3, but it
might stop working at any time because Windows changes something.

>I can see how
> most of Samba's niche markets can do that but we can't.
> AD is absolutely fine. Most of the other schools on our campus have
> moved away from Samba to Windows AD or decided to drop authentication
> altogether because it was easier to do so. Honestly, I don't think
> you're not listening.

If you want a secure system, you have to use secure software, this
generally means recent software.


More information about the samba mailing list