shridhar shetty
2016-Jun-16 05:00 UTC
[Samba] AD authentication on samba server using sssd
Well thanks. Will post it on the sssd list. On Wed, Jun 15, 2016 at 11:36 PM, Rowland penny <rpenny at samba.org> wrote:> On 15/06/16 18:24, shridhar shetty wrote: > >> I am trying to run samba with sssd service and AD authentication. >> I have joined the linux server to the AD domain using realmd and using >> sssd >> to authenticate to the AD. I am able to get user list from AD using >> "getent >> passwd <username>". >> The samba servers starts but i am unable to get the authentication >> working. >> >> I referred the samba dos for centos7 and also installed sssd-libwbclient. >> >> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/sssd-ad-integration.html >> >> Any pointers would be appreciated. thanks :) >> > > Yes, try asking on the sssd mailing list, they should be able to give you > better help than here, sssd has nothing to do with Samba. > If you want to use winbind instead, then this is the place to ask. > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
shridhar shetty
2016-Jun-16 16:15 UTC
[Samba] AD authentication on samba server using sssd
I got samba to work with sssd finally. :) Wanted to share so that it could help someone with debugging. I was trying to access the fileserver using IP address which was failing. It worked when using hostname to connect to the fileserver. Short explanation * When accessing samba fileserver using hostname, kerberos authentication kicks in, which works fine as expected. * But when accessing samba fileserver using ip address, kerberos authentication fails and falls back to NTLM. (NTLM is not supported in SSSD yet) Thanks On Thu, Jun 16, 2016 at 10:30 AM, shridhar shetty < shridhar.sanjeeva at gmail.com> wrote:> Well thanks. > Will post it on the sssd list. > > On Wed, Jun 15, 2016 at 11:36 PM, Rowland penny <rpenny at samba.org> wrote: > >> On 15/06/16 18:24, shridhar shetty wrote: >> >>> I am trying to run samba with sssd service and AD authentication. >>> I have joined the linux server to the AD domain using realmd and using >>> sssd >>> to authenticate to the AD. I am able to get user list from AD using >>> "getent >>> passwd <username>". >>> The samba servers starts but i am unable to get the authentication >>> working. >>> >>> I referred the samba dos for centos7 and also installed >>> sssd-libwbclient. >>> >>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/sssd-ad-integration.html >>> >>> Any pointers would be appreciated. thanks :) >>> >> >> Yes, try asking on the sssd mailing list, they should be able to give you >> better help than here, sssd has nothing to do with Samba. >> If you want to use winbind instead, then this is the place to ask. >> >> Rowland >> >> >> >> -- >> To unsubscribe from this list go to the following URL and read the >> instructions: https://lists.samba.org/mailman/options/samba >> > >
Data Control Systems - Mike Elkevizth
2016-Jun-16 18:35 UTC
[Samba] AD authentication on samba server using sssd
Have you checked to see if the server has a reverse zone entry in the AD DNS? I think kerberos relies on it and I'm not sure Samba creates one automatically. My experience has been that I have to create the reverse zones manually. Mike E. On Thu, Jun 16, 2016, 12:43 PM shridhar shetty <shridhar.sanjeeva at gmail.com> wrote:> I got samba to work with sssd finally. :) > Wanted to share so that it could help someone with debugging. > > I was trying to access the fileserver using IP address which was failing. > It worked when using hostname to connect to the fileserver. > > Short explanation > * When accessing samba fileserver using hostname, kerberos authentication > kicks in, which works fine as expected. > * But when accessing samba fileserver using ip address, kerberos > authentication fails and falls back to NTLM. (NTLM is not supported in SSSD > yet) > > Thanks > > > On Thu, Jun 16, 2016 at 10:30 AM, shridhar shetty < > shridhar.sanjeeva at gmail.com> wrote: > > > Well thanks. > > Will post it on the sssd list. > > > > On Wed, Jun 15, 2016 at 11:36 PM, Rowland penny <rpenny at samba.org> > wrote: > > > >> On 15/06/16 18:24, shridhar shetty wrote: > >> > >>> I am trying to run samba with sssd service and AD authentication. > >>> I have joined the linux server to the AD domain using realmd and using > >>> sssd > >>> to authenticate to the AD. I am able to get user list from AD using > >>> "getent > >>> passwd <username>". > >>> The samba servers starts but i am unable to get the authentication > >>> working. > >>> > >>> I referred the samba dos for centos7 and also installed > >>> sssd-libwbclient. > >>> > >>> > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Windows_Integration_Guide/sssd-ad-integration.html > >>> > >>> Any pointers would be appreciated. thanks :) > >>> > >> > >> Yes, try asking on the sssd mailing list, they should be able to give > you > >> better help than here, sssd has nothing to do with Samba. > >> If you want to use winbind instead, then this is the place to ask. > >> > >> Rowland > >> > >> > >> > >> -- > >> To unsubscribe from this list go to the following URL and read the > >> instructions: https://lists.samba.org/mailman/options/samba > >> > > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >
Apparently Analagous Threads
- AD authentication on samba server using sssd
- AD authentication on samba server using sssd
- NT_STATUS_NO_TRUST_SAM_ACCOUNT after temporary connectivity break to AD DC
- NT_STATUS_NO_TRUST_SAM_ACCOUNT after temporary connectivity break to AD DC
- NT_STATUS_NO_TRUST_SAM_ACCOUNT after temporary connectivity break to AD DC