[Samba] Replace completely an AD PKI authentication with Samba ?
Andrew Bartlett
abartlet at samba.org
Sun Mar 15 07:38:29 UTC 2020
On Sat, 2020-03-14 at 19:52 +0100, Lionel Monchecourt via samba wrote:
> Hi,
>
> I'm currently using an AD with PKI/certificate authentication ( some of my
> users are even using smartcards ).
>
> Could I replace my Microsoft AD & certificates with a pure Samba solution ?
> any tricks, non features I should know ?
https://wiki.samba.org/index.php/Samba_AD_Smart_Card_Login
> If so , do you know any docker image maybe that I could start with to do my
> test ? ( or some VM ? )
Yes, it is known to work, but do see
https://bugzilla.samba.org/show_bug.cgi?id=9612
Long term, what I would prefer is to store the user certificate in the
directory (as modern Windows AD versions can), rather than by signing
with PKI, but this would require development work.
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba
mailing list