Re: [Fwd: Re: [Samba] Authenticating Linux Against AD with Winbind]

Tue, 10 Oct 2006 12:02:57 -0700 

Here's what I used for Ubuntu and it worked like a charm:

http://ubuntuforums.org/archive/index.php/t-91510.html

Dale Schroeder wrote:

Jason,

I used these.

http://www.enterprisenetworkingplanet.com/netos/article.php/3487081
http://www.enterprisenetworkingplanet.com/netos/article.php/10951_3502441_1 


Dale

-------- Original Message --------
Subject:     Re: [Samba] Authenticating Linux Against AD with Winbind
Date:     Tue, 10 Oct 2006 11:43:11 -0400
From:     Aaron Kincer <[EMAIL PROTECTED]>
To:     Jason Rotunno <[EMAIL PROTECTED]>
CC:     [email protected]
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
There are how-tos out there that clearly highlight what you have to do in order to get authentication against Active Directory. You need to use Google (or some other search engine) effectively to find them. I can tell you that in order to have proper AD authentication, you must absolutely use: 

security = ads
If you use that string in a search engine along with a few other key words pertinent to your environment, you will likely find all you need to get started.
Hope that helps. It would also help if you took some time over lunch (or two) to peruse through the smb.conf documentation and read about each option. I know people hate to hear anything like RTFM, but it will help you gain better understanding.
By the way, Microsoft Active Directory (native 2000/2003 domains) authentication is, by definition, Kerberos based. So whether you know it or not, you do in fact use Kerberos.
http://www.microsoft.com/technet/prodtechnol/windows2000serv/maintain/security/kerberos.mspx 


Jason Rotunno wrote:

James Zuelow wrote:

You're trying to authenticate against active directory:
I'm trying to set up a Linux box to authenticate users against AD 

But your config doesn't agree with you:


security = server


And you may have cut them out, but I see no realm entry to specify the
AD domain.
Thanks for the reply. I'm a bit confused, though. The how-to doesn't say anything about either of these options. Actually, I checked a number of different how-tos and docs and some include them, while others don't. (??) Also, sorry for my lack of knowledge but realm refers to the kerberos realm, correct? We don't use kerberos and I was under the impression that it wasn't necessary, since some docs (such as the one I'm using) don't mention anything about it. 

Thanks for your help,
Jason




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Reply via email to