I'd like to create a Samba server with some shares that have access controlled via accounts on the domain, but without joining the machine to the domain? Is this possible?
I'd like to create a Samba server with some shares that have access controlled via accounts on the domain, but without joining the machine to the domain? Is this possible?
This is possible, but kind of backwards. In order to do it you need to configure PAM on the server to use an LDAP store, then use AD as the LDAP store. That way accesses to the server via Samba (or any other PAM-compatible service for that matter) will run through PAM, which in turn will check against LDAP, which is actually AD. All you need is a user-account in AD to allow the LDAP bind, no need to join the domain.
That's not possible.
http://wiki.samba.org/index.php/Samba_&_Active_Directory