Francisco Javier López de San Pedro
2007-Feb-21 12:03 UTC
[Samba] Problem with Samba Authentication
Hi, i have installed a PDC authenticated with LDAP in a network with Linux and Win XP hosts. My intention is to authenticate (throught TLS) every user or at least the machines wich are trying to get access to the resources. LDAP and Samba are in the same machine so the communication is by the 389 port. Besides, LDAP communication with the network is by ldap ssl. I have tried a lot of configurations, but i have not found the right one. I want that every Win host sends a TLS certificate to Samba in order to the server to authenticate them, and if it fails, the user could not log into the machine. I have to say that with Linux hosts it is working the way i want. So the TLS configuration in LDAP is right. Anyone knows if i can get this? or even better, Can anyone tell me wich would be the basic configuration options to get it? Greetings and apologizes for my English
> Hi, i have installed a PDC authenticated with LDAP in a network with Linux and > Win XP hosts. My intention is to authenticate (throught TLS) every user or at > least the machines wich are trying to get access to the resources. LDAP and > Samba are in the same machine so the communication is by the 389 port. > Besides, LDAP communication with the network is by ldap ssl. > I have tried a lot of configurations, but i have not found the right one. I > want that every Win host sends a TLS certificate to Samba in order to the > server to authenticate them, and if it fails, the user could not log into the > machine. > I have to say that with Linux hosts it is working the way i want. So the TLS > configuration in LDAP is right.Windows is not UNIX; it works the way Windows works, not the way you want it to work. If you want to authenticate Windows user's against an LDAP DSA you must setup Samba as a PDC and join the machines to the domain.> Anyone knows if i can get this?No.> or even better, Can anyone tell me wich would > be the basic configuration options to get it?