As an Active Directory encompasses not only LDAP and Kerberos but also DNS and there are funny things Microsoft does with DNS (dynamic updates, special SRV records to locate hosts etc.), running Samba as an Active Directory domain controller means running either the built-in DNS server or bind9 with a special DLZ plugin.
Following up on the previous post, here’s how we get sssd to actually provide access to our Samba-driven Active Directory.
In the past, we used to integrate Samba and “native” Linux users by using a single password backend, often LDAP:
Almost exactly a year ago the first official Samba 4 release saw the light of the world, bringing with it Active Directory Domain Controller support as one of its biggest merits. All relevant Windows APIs had been implemented, thus allowing for all user management to be done through Windows tools such as the “Active Directory… Continue reading Limited winbind usability with Samba 4