[Samba] Samba domain members and MIT Kerberos configuration...
Rowland Penny
rpenny at samba.org
Mon Dec 27 13:24:07 UTC 2021
On Mon, 2021-12-27 at 13:54 +0100, Marco Gaiarin via samba wrote:
> I'm working on joining some RH-based box to an AD domain, starting
> from this
> list, the wiki and my debian knowledge. ;-)
What rh-based box ?
RHEL ?
Centos ?
Fedora ?
What version ?
>
> I'm speaking of MEMBERS, not DC!
No need to shout :-D
>
>
> I've found some info googling around, but make reference to 'realmd'
> and
> 'oddjob' for configuration, that seems to me more 'wrappers' to help
> configuration, so probably can be subsitute with more plain 'net ads
> join' and 'pam_mkhomedir'. Correct?
Sort of, you should (in my opinion) use 'net ads join' to join the
computer to the domain, but you will need to use 'oddjob' on red-hat
distros. You will also need to correctly set up the smb.conf file.
>
>
> Also, i've found no specific kerberos configuration, apart the hint
> to add
> this:
>
> [plugins]
>
> localauth = {
>
> module =
> winbind:/usr/lib64/samba/krb5/winbind_krb5_localauth.so
>
> enable_only = winbind
>
> }
>
You probably do not need that.
> (and installing samba-winbind-krb5-locator rpm package).
>
>
> In the samba wiki i've not found some hint about mit kerberos
> configuration.
This is probably because the setup isn't much different on Unix domain
members.
Rowland
More information about the samba
mailing list