[Pkg-samba-maint] Bug#899269: Bug#899269: Bug#899269: changes to 4.8
Daniel Lakeland
dlakelan at street-artists.org
Wed Jun 20 22:04:19 BST 2018
On 06/20/2018 01:26 PM, Chad William Seys wrote:
> I believe my problem is the same as original reporter Dan who says:
> "This was never really an active directory install, it's a standard unix
> LDAP + Kerberos install"
>
> This is my setup as well (except I don't use LDAP, just MIT Kerberos).
>
> Dan, I see that in your first smb.conf you did not have any idmap
> ranges defined.
> Did you end up setting up idmap ranges?
> Do you still use kerberos to authenticate?
>
I just checked, with my current setup, using
security = user
realm = MY.REALM.HERE
encrypt passwords = yes
kerberos method = secrets and keytab
and without idmap ranges, I am able to connect to my samba share on a
client using:
smbclient -k //myserver/myshare
without entering a password, so I do think it's using Kerberos.
If someone breaks this because they don't think people use this
technique, and that kerberos is only for true Active Directory users, I
will be upset ;-)
More information about the Pkg-samba-maint
mailing list