[Pkg-samba-maint] Bug#899269: Bug#899269: Bug#899269: changes to 4.8

Chad William Seys cwseys at physics.wisc.edu
Wed Jun 20 21:26:29 BST 2018


I believe my problem is the same as original reporter Dan who says: 
"This was never really an active directory install, it's a standard unix
LDAP + Kerberos install"

This is my setup as well (except I don't use LDAP, just MIT Kerberos).

Dan, I see that in your first smb.conf you did not have any idmap ranges 
defined.
Did you end up setting up idmap ranges?
Do you still use kerberos to authenticate?

I'm fine with setting up idmap ranges.  The goal is to continue to use 
our existing MIT KDC and existing /etc/passwd UIDs.
   So far my understanding of idmap/winbind does not give me a clue on 
how to do this.

This (non-AD KDC) is not a supported configuration and that is why no 
one responded on the Samba mailing list.  But there are a few people 
interested in this kind of setup:
https://lists.samba.org/archive/samba/2017-April/207728.html

https://serverfault.com/questions/659017/possible-to-authenticate-samba-via-kerberos-but-without-domain-join

Thanks for your help,
Chad.



More information about the Pkg-samba-maint mailing list