WannaCry is just the start. Read how Liquid Web is protecting itself and its customers against new threats.
Course Of The Month
7 days, 20 hours left to enrollBecome a Premium Member and unlock a new, free course in leading technologies each month.
Solved
Configure Samba / Kerberos and LDAP on Red Hat
Posted on 2011-02-18
http://www.linuxmail.info/active-directory-single-sign-on/
http://www.linuxmail.info/active-directory-integration-samba-centos-5/
If I need to allow my AD users to access the Red Hat server, and the Red Hat server is enabled to user the shared resource in Window domain, do I need to do enable Samba and Kerberos/LDAP on the Red Hat, or either one ?
What the main difference between these two settings ?
Thanks
http://www.linuxmail.info/active-directory-integration-samba-centos-5/
If I need to allow my AD users to access the Red Hat server, and the Red Hat server is enabled to user the shared resource in Window domain, do I need to do enable Samba and Kerberos/LDAP on the Red Hat, or either one ?
What the main difference between these two settings ?
Thanks
[X]
Welcome to Experts Exchange
Add your voice to the tech community where 5M+ people just like you are talking about what matters.
- Help others & share knowledge
- Earn cash & points
- Learn & ask questions
-
3
2
6 Comments
When you say samba I presume you mean the winbindd portion of samba.
You would need to enable 1 of the two, windbindd or ldap. In principle kerberos is independent of the chosen mechanism, that being said I do not know of any implementations using winbind and kerberos.
The main difference is that for ldap to work you need to extend active directory with 'unix services'. Something a lot of windows administrators rather not do.
You would need to enable 1 of the two, windbindd or ldap. In principle kerberos is independent of the chosen mechanism, that being said I do not know of any implementations using winbind and kerberos.
The main difference is that for ldap to work you need to extend active directory with 'unix services'. Something a lot of windows administrators rather not do.
You need to run the winbind service.
You also need to run Kerberos as a Client and not as a KDC. Your AD is a kerberos KDC.
This is as simple as changing two/three lines in /etc/krb5.conf.
Then you need to Join your Linux Machine to Windows AD.
Configure Authentication to lookup from WinAD.
Finally you run the winbind service to actually start to login with Windows users on the Linux machine.
However the Linux users will not be able to run on the Windows machine. If you want that then you need to run SFU on your Windows AD to support Linux users on it.
You also need to run Kerberos as a Client and not as a KDC. Your AD is a kerberos KDC.
This is as simple as changing two/three lines in /etc/krb5.conf.
Then you need to Join your Linux Machine to Windows AD.
Configure Authentication to lookup from WinAD.
Finally you run the winbind service to actually start to login with Windows users on the Linux machine.
However the Linux users will not be able to run on the Windows machine. If you want that then you need to run SFU on your Windows AD to support Linux users on it.
Active today
http://www.linuxmail.info/active-directory-integration-samba-centos-5/
Follow the instruction above and I could setup winbind service succesfully. Can u advise how to setup the remaining steps as mentioned in the previous thread.
Great Thanks.
Follow the instruction above and I could setup winbind service succesfully. Can u advise how to setup the remaining steps as mentioned in the previous thread.
Great Thanks.
Active today
http://www.linuxmail.info/active-directory-dovecot-pam-authentication/
Follow this link, I have setup the Kerberos authentication and it works fine.
However, when I log off the Linux server, and try to use one of the AD domain user to login to the Red Hat server, it could authentication the login successfully.
Any idea ?
Thanks
Follow this link, I have setup the Kerberos authentication and it works fine.
However, when I log off the Linux server, and try to use one of the AD domain user to login to the Red Hat server, it could authentication the login successfully.
Any idea ?
Thanks
OK so from the command line if you type
wbinfo -a
Do you get all the windows users listed?
If so now you need to configure PAM. from the same place you did the kerberos and winbind configuration. (This was mensioned in the guide you posted)
Now we need to make sure they can login as shell users before GUI.
From the options tab in system-config-authenticati
Now to test this while still logged in RedHat as the root user run the following command
su - username
Where username is windows username that you have under ActiveDirectory.
The home dir should be created and you should get no errors on the command line
Confrim the above is all ok to proceed getting you in via the GUI
wbinfo -a
Do you get all the windows users listed?
If so now you need to configure PAM. from the same place you did the kerberos and winbind configuration. (This was mensioned in the guide you posted)
Now we need to make sure they can login as shell users before GUI.
From the options tab in system-config-authenticati
Now to test this while still logged in RedHat as the root user run the following command
su - username
Where username is windows username that you have under ActiveDirectory.
The home dir should be created and you should get no errors on the command line
Confrim the above is all ok to proceed getting you in via the GUI
Featured Post
We value your feedback.
Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!
Question has a verified solution.
If you are experiencing a similar issue, please ask a related question
If you use Debian 6 Squeeze and you are tired of looking at the childish graphical GDM login screen that is used by default, here's an easy way to change it.
If you've already tried to change it you've probably discovered that none of the old met…
This article will explain how to establish a SSH connection to Ubuntu through the firewall and using a different port other then 22. I have set up a Ubuntu virtual machine in Virtualbox and I am running a Windows 7 workstation.
From the Ubuntu vi…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
In this video, viewers are given an introduction to using the Windows 10 Snipping Tool, how to quickly locate it when it's needed and also how make it always available with a single click of a mouse button, by pinning it to the Desktop Task Bar.
Int…
Suggested Courses
Course of the Month7 days, 20 hours left to enroll
Earn Certification
Linux+ Powered by LPI (Exam LX0-103, LX0-104)
$199.00$179.10
728 members asked questions and received personalized solutions in the past 7 days.
Join the community of 500,000 technology professionals and ask your questions.