[CentOS] samba: check password with AD without joining domain?
Stephen Harris
lists at spuddy.org
Fri Aug 16 01:44:25 UTC 2013
On Thu, Aug 15, 2013 at 06:40:54PM -0700, Devin Reade wrote:
> Last time I checked a few years ago I don't think AD supported an LDAP anonymous bind, so you may need to bind as that user in order to validate the creds.
AD is kerberos for authentication. If you just want to authenticate user
"xyzzy" to AD with password (as opposed to krb keys) then just configure
/etc/krb5.conf to point to an AD domain controller.
Don't need LDAP at all.
Everything else (samba, ldap, etc) gives closer integration, but isn't
essential for pure 'AD password' authentication.
--
rgds
Stephen
More information about the CentOS
mailing list