[Samba] Minimum footprint for authenticating CIFS shares with Kerberos
Dorian Taylor (Lists)
lists at doriantaylor.com
Fri Jan 22 19:15:52 UTC 2021
Good day,
I have a home office network where, because of work, I already have:
* an LDAP server
* a Kerberos KDC/admin server
* a DNS server
What I am after is a quasi-replacement for the AFS server I just removed after ten years, i.e., I want to access files over a network, and I want to be able to authenticate to that service using Kerberos.
I followed some instructions to set Samba up as an Active Directory PDC, but I didn’t realize, at the outset, that meant spinning up a bunch of its own daemons that are fighting for the same ports a bunch of services are already running on.
(For what it’s worth, the server is Ubuntu 20.04, which is curiously missing a systemd service definition for the `samba` daemon.)
I suppose my question is: To what extent I can configure Samba to provide just enough material to, for instance, fool a Mac’s native CIFS client into authenticating to a Samba share with Kerberos?
Thanks in advance,
--
Dorian Taylor
Make things. Make sense.
https://doriantaylor.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 874 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.samba.org/pipermail/samba/attachments/20210122/6696634a/signature.sig>
More information about the samba
mailing list