How to I get Samba working on CentOS with AD authenticated users?

General support questions
jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/06/13 20:17:51

I have tried multiple different ways to get Samba working with CentOS and there is not a single guide out there that actually works fully.

Here are the requirements:

1. Ability to login to CentOS with Active Directory credentials

(which I have figured out but I am willing to take other suggestions: https://www.linuxtechi.com/integrate-rh ... directory/)

2. The ability to seamlessly/somewhat easily have users access the CentOS home directories from windows machines. (example: \\192.168.1.77\username or something like that)

Note, I have tried SSSD and winbind and am a real fan of sssd as far as the authentication goes, but I am really stuck as far as making samba work with it.

I have spent several days on this and am looking to the spiceworks community for help.

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by hunter86_bg » 2019/06/14 14:07:23

You need to setup a kerberized Samba, as windows clients will not connect to non-kerberized share.

jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/06/14 15:41:26

Do you have a config and steps that work? I have tried everything.

hunter86_bg
Posts: 2019
Joined: 2015/02/17 15:14:33
Location: Bulgaria
Contact:

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by hunter86_bg » 2019/06/16 13:02:50

First,
Have you tried in the windows client to access the share via: \\my.centos.my.domain\samba\share instead of using the IP?

jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/06/17 15:59:03

Yes I have. So now I have a different problem.

I have got the thing to work but I can not use SSSD with samba. I can only use Winbind.

With winbind I can only get users in the primary domain to be able to login without "@Domain.com"

username@domain.com
username@subdomian.domian.com

SHOULD BE JUST:

username

jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/07/29 14:26:33

Redhat support claims that this will not work with SSSD at all
But this is still accessible on their site.

https://access.redhat.com/documentation ... e/smb-sssd

Thraex
Posts: 51
Joined: 2019/05/14 19:50:28

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by Thraex » 2019/07/30 18:21:55

I was able to do this before, I used authconfig-tui and set it to use winbind and joined the domain through it. It adds a good chunk to your smb.conf so it should make the process a little easier. After it joined, you can make sure it worked with wbinfo -u which should show AD users. If it does then you should be done. My smb.conf is below, not sure if everything is needed but it worked for me. For accessing the shares, you can make a [home] share and the path be /home/%U (I think)

Code: Select all

[global]
workgroup = example
realm = example.com
security = ads
idmap config * : range = 10000-300000
template homedir = /home/%U
template shell = /bin/bash
kerberos method = secrets only
winbind use default domain = true
winbind offline logon = false
server role = MEMBER SERVER
ntlm auth =yes
encrypt passwords = yes
domain logons = yes
winbind enum users = yes
winbind enum groups = yes

jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/07/30 18:48:35

Were you ever able to do it through OpenLDAP?

Thraex
Posts: 51
Joined: 2019/05/14 19:50:28

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by Thraex » 2019/07/30 19:20:24

I never tried it actually, for what I needed samba for most of the documentation I found said to use winbind so I did. Once it worked I didn't mess around with it anymore

jdhumpf
Posts: 11
Joined: 2019/06/13 20:10:26

Re: How to I get Samba working on CentOS with AD authenticated users?

Post by jdhumpf » 2019/07/30 19:48:29

Promlem is, I have a domain and a subdomain on active directory and users from both need to login without having to specify domain, and this is only possible with sssd which will not work alongside winbind for samba.
We have an OpenLDAP setup currently and it was working months ago but I can not seem to get it working again.

Post Reply