On Thu, Oct 06, 2016 at 04:20:23PM +0200, Andreas Matthus wrote:
Hallo,
yes I can use multiple LDAP-sources to local login, su and ssh. That is
fine (The uid and gid are differ in all of them, so merge is possible).
But I search for a solution to use the logins for samba too.
The samba-mailinglist say: That is not our problem - ask sssd.
So I do that ;-) Can someone help me?
First, SSSD does not support NTLM, so only Kerberos authentication is
available. Which among other things means that you have to use the
fully-qualified DNS name of the server to accces the share and cannot use
short (NetBIOS) names or IP addresses.
To allow Samba to server multiple domains which do not belong to the same
forest you have to setup multiple samba instances.
https://wiki.samba.org/index.php/Multiple_Server_Instances might be a
good starting point. But please note that this document is dated and
things might be different with current Samba versions. Additionally it
might be more 2016ish to run Samba in containers for this purpose. Your
favourite search engine might give you some good starting points if you
e.g. search for "samba docker".
HTH
bye,
Sumit
with regards
Andreas Matthus
--
Dipl.-Phys. Andreas Matthus
Netzwerkadministrator
Technische Universität Dresden
Fakultät Architektur
01062 Dresden
Tel.: +49 (351) 463-33909
Fax: +49 (351) 463-36120
E-Mail: andreas.matthus(a)tu-dresden.de
_______________________________________________
sssd-users mailing list -- sssd-users(a)lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave(a)lists.fedorahosted.org