Marco Gaiarin
2021-Dec-27 14:38 UTC
[Samba] Samba domain members and MIT Kerberos configuration...
Mandi! Rowland Penny via samba In chel di` si favelave...> What rh-based box ?Oracle Linux 7, 8 servers and some Fedora clients.> Sort of, you should (in my opinion) use 'net ads join' to join the > computer to the domain, but you will need to use 'oddjob' on red-hat > distros. You will also need to correctly set up the smb.conf file.Ah, ok. Of course, i've not speaked about it, but i supposed a correctly smb.conf file setup in place.> This is probably because the setup isn't much different on Unix domain > members....but i was used in debian/ubuntu to let heimdal kerberos debhelper to setup /etc/krb5.conf. A krb5.conf setup for heimdal/debian will work for RH/MIT? I'm a bit confused about that... and the samba wiki say only: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Configuring_Kerberos that seems minimal to me. Sorry, thanks. -- Gli ippopotami non fanno niente, basta la presenza ippopotami non si nasce, si diventa (R. Vecchioni)
Rowland Penny
2021-Dec-27 15:47 UTC
[Samba] Samba domain members and MIT Kerberos configuration...
On Mon, 2021-12-27 at 15:38 +0100, Marco Gaiarin via samba wrote:> Mandi! Rowland Penny via samba > In chel di` si favelave... > > > What rh-based box ? > > Oracle Linux 7, 8 servers and some Fedora clients.I have tested Centos 7 & 8 and fedora as Unix domain members in the past, they all were very similar to setup, only real difference was the Centos 7 used authconfig and Centos 8 & fedora used authselect instead.> > > > Sort of, you should (in my opinion) use 'net ads join' to join the > > computer to the domain, but you will need to use 'oddjob' on red- > > hat > > distros. You will also need to correctly set up the smb.conf file. > > Ah, ok. Of course, i've not speaked about it, but i supposed a > correctly > smb.conf file setup in place. > > > > This is probably because the setup isn't much different on Unix > > domain > > members. > > ...but i was used in debian/ubuntu to let heimdal kerberos debhelper > to > setup /etc/krb5.conf. A krb5.conf setup for heimdal/debian will work > for > RH/MIT?When you refer to MIT, you are referring to the kerberos tools, not the KDC.> I'm a bit confused about that... and the samba wiki say only: > > > https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member#Configuring_Kerberos > > that seems minimal to me.To be honest, that is more that what you require. Rowland