Remote Domain access with Samba

This is a discussion on Remote Domain access with Samba within the Linux Security forums, part of the System Security and Security Related category; -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi ~ I have a Samba 3.0 primary domain controller on one machine/network, ...


Go Back   Usenet Forums > System Security and Security Related > Linux Security

Reload this Page Remote Domain access with Samba

FAQ Members List Calendar Search Today's Posts Mark Forums Read

Reply

 

LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 12-04-2004
paul Morriss
 
Posts: n/a
Default Remote Domain access with Samba
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi
~ I have a Samba 3.0 primary domain controller on one machine/network,
but we want to have remote users to be able to connect to it, I can
connect if I am on the local network but not remote.

1) Is it possible to get Samba to allow remote domain access - including
user authentication.

2) How would you setup a secure authentication system (such as Kerberos)
up in conjuction with Samba.

Your help and assistance is greatly appreciated.

Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBsi19oLDxPzZbDg8RAu+IAKCa4JKttpzIz8CaDIcF/JKAWWLFDQCeMsV4
JAjDUW5tgBj37y3WgvpG8WE=
=YFUs
-----END PGP SIGNATURE-----
Reply With Quote
  #2 (permalink)  
Old 12-05-2004
Michael J. Pelletier
 
Posts: n/a
Default Re: Remote Domain access with Samba
paul Morriss wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi
> ~ I have a Samba 3.0 primary domain controller on one machine/network,
> but we want to have remote users to be able to connect to it, I can
> connect if I am on the local network but not remote.
>
> 1) Is it possible to get Samba to allow remote domain access - including
> user authentication.
>
> 2) How would you setup a secure authentication system (such as Kerberos)
> up in conjuction with Samba.
>
> Your help and assistance is greatly appreciated.
>
> Paul
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.4 (GNU/Linux)
> Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
>
> iD8DBQFBsi19oLDxPzZbDg8RAu+IAKCa4JKttpzIz8CaDIcF/JKAWWLFDQCeMsV4
> JAjDUW5tgBj37y3WgvpG8WE=
> =YFUs
> -----END PGP SIGNATURE-----

What do you mean by remote? You want people to access/authenticate from
outside your network? If so, try using VPN. This way, you know for sure
(they have to get through your VPN server before accessing you SAMBA
server) who has access to the SAMBA server. It also is a secure way of
doing things.

As for Kerberos and SAMBA, I think it is possible but I would have to check.

-- Michael
Reply With Quote
  #3 (permalink)  
Old 12-05-2004
paul Morriss
 
Posts: n/a
Default Re: Remote Domain access with Samba
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Michael J. Pelletier wrote:
| paul Morriss wrote:
|
|
| Hi
| ~ I have a Samba 3.0 primary domain controller on one machine/network,
| but we want to have remote users to be able to connect to it, I can
| connect if I am on the local network but not remote.
|
| 1) Is it possible to get Samba to allow remote domain access - including
| user authentication.
|
| 2) How would you setup a secure authentication system (such as Kerberos)
| up in conjuction with Samba.
|
| Your help and assistance is greatly appreciated.
|
| Paul

| What do you mean by remote? You want people to access/authenticate from
| outside your network? If so, try using VPN. This way, you know for sure
| (they have to get through your VPN server before accessing you SAMBA
| server) who has access to the SAMBA server. It also is a secure way of
| doing things.

I would like a few other people to be able to access/authenticate
against the domain, where they are on ISP A and I am on ISP B, this may
be local to the UK but I know people in the US so they may need access.

Would VPN allow domain authentication?

| As for Kerberos and SAMBA, I think it is possible but I would have to
check.



| -- Michael

Paul
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBsx1woLDxPzZbDg8RAqN1AKC9Y73JVZ3T0IYIqt3N+2 S2JepoVwCfZyba
1GkSaj3Hcy/mhdx1gb1YCw0=
=P6Qx
-----END PGP SIGNATURE-----
Reply With Quote
  #4 (permalink)  
Old 12-05-2004
Tauno Voipio
 
Posts: n/a
Default Re: Remote Domain access with Samba
paul Morriss wrote:
> Hi
> ~ I have a Samba 3.0 primary domain controller on one machine/network,
> but we want to have remote users to be able to connect to it, I can
> connect if I am on the local network but not remote.
>
> 1) Is it possible to get Samba to allow remote domain access - including
> user authentication.
>
> 2) How would you setup a secure authentication system (such as Kerberos)
> up in conjuction with Samba.
>

The SMB networking protocols work in principle in a local network
(old name LAN Manager).

For remote access you need to extend the local network with
a tunnel. To keep the wild part of the Internet out, the
extension usually needs to be encrypted. The combination
is a VPN (Virtual Private Network). There are many different
protocols to do it.

HTH

--

Tauno Voipio
tauno voipio (at) iki fi

Reply With Quote
Reply
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On




All times are GMT +1. The time now is 01:52 PM.

Contact Us - Usenet Forums - Archive - Top

Powered by vBulletin® Version 3.7.3
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO 3.0.0