[Samba] How to join RHEL 7 Linux Server to Active Directory Domain
Luc Lalonde
luc.lalonde at polymtl.ca
Mon Sep 26 18:06:06 UTC 2022
Correction below...
Le 9/26/22 à 11:07, Luc Lalonde via samba a écrit :
> Hey Rowland,
>
> I'm using Winbind without SSSD successfully on Fedora-36 and
> CentOS-Stream 9. It's not well documented, but I figured it out:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> I've added the pertinent lines in the 'Configuring Kerberos' section:
>
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> Look for 'On sone Linux distributions that use MIT Kerberos'.
>
> Most of my systems use SSSD with no issues... but will migrate
> eventually to pure SSSD.
Oops, meant that I will migrate all Linux machines to Winbind only.
>
> Bye.
>
> Le 9/26/22 à 05:17, Rowland Penny via samba a écrit :
>> I am glad that I am not the only one who has seen through the use of
>> Samba with sssd. I personally have nothing against sssd etc, I just
>> cannot see the point in using it on a Samba domain member, you get
>> the same result (with all the downsides) if you point sssd at an AD
>> DC, you just get authentication. You can get authentication on Debian
>> using kerberos by installing libpam-krb5, but you cannot do this on
>> red-hat any more, they have remove pam-krb5, you have to use sssd.
>>
>> To get the fullest benefit of AD on a Unix client, in my opinion, you
>> have to use Samba with winbindd and set it up correctly.
>>
>> Rowland
>
--
Luc Lalonde, analyste
-----------------------------
Département de génie informatique et génie logiciel:
École polytechnique de MTL
Bureau: (514) 340-4711 x5049
Cellulaire: (514) 348-2288
Luc.Lalonde at polymtl.ca
More information about the samba
mailing list