I've successfully authenticated my Meraki device against Samba by
creating a 2048 bit RSA key and self signed certificate. Thanks Rowland.
The next application I'm attempting is failing. I'm working with the
vendor to troubleshoot that issue. I will post back to the list if we
still can't figure it out. I would like to authenticate a Kolab
groupware server with Roundcube against Samba. Has anyone attempted
this? I'm not tied to Kolab so if anyone has a better solution that
works with Samba I'm open to try. Thanks.
On 3/24/2015 3:12 PM, Rowland Penny wrote:> On 24/03/15 19:02, James wrote:
>> To start user authentication for VPN access. We use Cisco Meraki
devices
>> in our environment. Accounts are currently created locally on the
>> device.
>>
>> On 3/24/2015 2:44 PM, Rowland Penny wrote:
>>> On 24/03/15 18:31, James wrote:
>>>> Hello,
>>>>
>>>> I use several applications that allow for authenticating
>>>> against a
>>>> Microsoft ADDC natively. Can someone point me in a direction on
>>>> where to
>>>> start? I'm using Samba 4.2.0 on Ubuntu 12.04. I think these
are the
>>>> steps I need to take but would like confirmation before
attempting.
>>>> Thanks.
>>>>
>>>> Step 1 Method 2: Connecting to AD via Kerberos :
>>>>
https://wiki.samba.org/index.php/Local_user_management_and_authentication/nslcd
>>>>
>>>>
>>>> Step 2 Authentication against AD :
>>>>
https://wiki.samba.org/index.php/Authenticating_other_services_against_AD
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>> What applications ? There is a page on the samba wiki:
>>>
https://wiki.samba.org/index.php/Authenticating_other_services_against_AD
>>>
>>>
>>> It is somewhere to start, but if could tells us what you need to
>>> authenticate, then others on here may be already be doing it and
can
>>> help you traverse any mine fields :-)
>>>
>>> Rowland
>>>
>
> well, a quick search brought this up:
>
https://kb.meraki.com/knowledge_base/integrating-active-directory-with-client-vpn-or-content-filtering-on-the-mx-security-appliance
>
> Don't know if this helps but it is somewhere to start.
>
> Rowland
>
--
-James