[Samba] Linux desktop setup with authentication against Samba AD DC

Rowland Penny rpenny at samba.org
Sat Nov 30 19:23:26 UTC 2024


On Sat, 30 Nov 2024 19:03:04 +0100
Peter Milesson via samba <samba at lists.samba.org> wrote:

> Hi Rowland,
> 
> I haven't a deep knowledge of what packages are sufficient, and which 
> ones are superfluous. I will test the setup without libpam-krb5.
> 
> About the wiki page, it's Archlinux' AD integration page on 
> https://wiki.archlinux.org/title/Active_Directory_integration. I
> really didn't follow it, and used what I set up on Debian instead.
> The Archlinux pam_winbind.conf example will probably break most
> kerberized applications, as the place of the Kerberos ticket cache is
> non standard. It would be necessary to configure all applications
> using cached Kerberos tickets in that case. Even Archlinux puts the
> Kerberos ticket cache in /tmp default. Defaults are there for some
> reason...

Based on what I have been using on Debian for quite some time, I cannot
recommend following the Arch Linux wiki page, there are just too many
apparent problems.

I was going to attempt to use Rocky Linux 9 as client, but pam_mount
appears to be only available from EPEL and I cannot easily find hxtools.
It appears that redhat is moving away from the desktop and
concentrating on servers.

Rowland
 



More information about the samba mailing list