Samba Share with domain authentication

Latest response

Hello,

I want to user samba server on RHEL 7 and be able to access to the share from windows server with domain authentication.

I successfully create the same as anonymous and with local user on samba server but now I need some help with the domain authentication.
RHEL vm is integrated to Microsoft Active Directory with realm join and I'm using sssd. Login to the vm with domain id is working fine.

Content of smb.conf is :

[global]
workgroup = INFRATEST
client signing = yes
client use spnego = yes
kerberos method = secrets and keytab
log file = /var/log/samba/%m.log
realm = DOMAIN.INFRATEST
security = ads

============================ Share Definitions ==============================

[infratest]
Path = /infratest
read only = no
create mask = 0774
directory mask = 0774
guest ok = no
valid users = @INFRATEST\LIN-ADM

LIN-ADM is a security group in AD for linux admins.

From a windows server when I'm trying to get \IP\infratest the authentication is needed but there is an error : Windows cannot access \IP\infratest

samba version : 4.9.1-10.el7_7
RHEL 7 with kernel 3.10.0-1062.12.1.el7.x86_64

Thanks for your help.
Regards
Sebastien

Responses

Found the explanation on : https://access.redhat.com/articles/4355391 So I used different command with realm :

realm join --client-software=winbind -U user@domain domaincontrollerfullfqdn

and now it's working fine