[Samba] Setting up user authentication on a Samba DC

contactdarin at posteo.net contactdarin at posteo.net
Fri Aug 23 16:38:38 UTC 2024


Hello,

I am trying to get WIndbind authentication working on a Domain 
controller. However, I am struggling to get it working. From what I can 
tell it should be as simple as adding winbind to /etc/nsswitch.conf but 
it doesn't seem to work. When I run getent passwd it just returns 
nothing but when I run wbinfo --ping-dc it succeeds.

Here is my smb.conf

# Global parameters
[global]
         ad dc functional level = 2012_R2
         dns forwarder = 192.168.x.x
         netbios name = DC
         realm = MYDOMAIN.LAN
         server role = active directory domain controller
         workgroup = MYDOMAIN
         idmap_ldb:use rfc2307 = yes


[sysvol]
         path = /var/lib/samba/sysvol
         read only = No

[netlogon]
         path = /var/lib/samba/sysvol/mydomain.lan/scripts
         read only = No

The OS is Fedora 40 and samba 4.20.4

How would I properly setup Winbind authentication for a local login? 
Also, I know that generally SSSD conflicts with Samba and WInbind 
however it seems to be better documented and more reliable. Is there a 
way to make SSSD work with Samba?

Thanks,

Darin



More information about the samba mailing list