Peter H. Morgan
2019-Jul-26 16:16 UTC
[Samba] How to connect Samba to the global catalog to perform website authentication.
We are new to Samba and looking for some help please. We are attempt to authenticate users of a website with a Windows active directly connection using Samba 4.8.3 on centos 7 with apache NTLM_auth module. The active directory for the windows domain is a forest domain that has 3 domains. With a Global catalog on a number of sites. We can manage to authenticate against one domain. As the settings we are using has us connecting to the Active Directory not the Global Catalog. Do you have any advice on what settings we are doing wrong and what we need to set to make the Global catalog available to Samba. Smb .conf [global] netbios name = machinename realm = domain.with.active directory password server = domain server. domain.with.active directory client ntlmv2 auth = yes ntlm auth = no lanman auth = no workgroup = workgroupname server string = active directory load printers =no log file = /var/log/samba/user/log.%m max log size = 50 security =domain encrypt passwords = yes socket options = TCP_NODELAY dns proxy = no Regards Peter Morgan -- This e-mail (and any attachments) is private and confidential. If you have received it in error, please notify the sender immediately and delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it. Any views expressed in this message are those of the individual sender, except where the sender specifically states them to be the views of Connect Internet Solutions Ltd. This e-mail and any attachments are believed to be virus free but it is the recipient's responsibility to ensure that they are. Connect Internet Solutions Ltd (A company registered in England No: 04424350) Registered Office: 3rd Floor, New Barratt House, 47 North John Street, Liverpool, L2 6SG Telephone: +44 (0) 151 282 4321 VAT registration number: 758 2838 85
Rowland penny
2019-Jul-26 17:00 UTC
[Samba] How to connect Samba to the global catalog to perform website authentication.
On 26/07/2019 17:16, Peter H. Morgan via samba wrote:> We are new to Samba and looking for some help please. > > > > We are attempt to authenticate users of a website with a Windows active > directly connection using Samba 4.8.3 on centos 7 with apache NTLM_auth > module. The active directory for the windows domain is a forest domain that > has 3 domains. With a Global catalog on a number of sites. > > > > We can manage to authenticate against one domain. As the settings we are > using has us connecting to the Active Directory not the Global Catalog. Do > you have any advice on what settings we are doing wrong and what we need to > set to make the Global catalog available to Samba.If all the default settings and lines that shouldn't be there are removed, your smb.conf will look like this: [global] ?? workgroup = workgroupname ?? server string = active directory ?? realm = domain.with.active directory ?? security = ADS ?? load printers = no ?? log file = /var/log/samba/user/log.%m ?? max log size = 50 ?? dns proxy = no Which leaves a lot missing, so before you go and read the link I will post below, open a teminal and type: yum remove sssd* now read this wikipage: https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member Rowland