[Samba] Samba domain members and MIT Kerberos configuration...

Rowland Penny rpenny at samba.org
Mon Dec 27 15:47:10 UTC 2021

On Mon, 2021-12-27 at 15:38 +0100, Marco Gaiarin via samba wrote:
> Mandi! Rowland Penny via samba
>   In chel di` si favelave...
> > What rh-based box ?
> Oracle Linux 7, 8 servers and some Fedora clients.

I have tested Centos 7 & 8 and fedora as Unix domain members in the
past, they all were very similar to setup, only real difference was the
Centos 7 used authconfig and Centos 8 & fedora used authselect instead.
> > Sort of, you should (in my opinion) use 'net ads join' to join the
> > computer to the domain, but you will need to use 'oddjob' on red-
> > hat
> > distros. You will also need to correctly set up the smb.conf file.
> Ah, ok. Of course, i've not speaked about it, but i supposed a
> correctly
> smb.conf file setup in place.
> > This is probably because the setup isn't much different on Unix
> > domain
> > members.
> ...but i was used in debian/ubuntu to let heimdal kerberos debhelper
> to
> setup /etc/krb5.conf. A krb5.conf setup for heimdal/debian will work
> for

When you refer to MIT, you are referring to the kerberos tools, not the

> I'm a bit confused about that... and the samba wiki say only:
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Configuring_Kerberos
> that seems minimal to me.

To be honest, that is more that what you require.


More information about the samba mailing list