Forum Discussion
Azure AD DS, linux, SSSD, SAMBA
Hello,
Trying to setup a Samba file share on a Linux(centos7) using SSSD and Azure AD DS.
Cannot get this going. Any ideas or documentation.
I have read that this may not be possible and that I may have to use ldap or secure ldap t authenticate. Possibly use winbind, I am not sure this is compatible with Azure AD DS.
Any help would be appreciated.
Thank you
1 Reply
It's probably a LOT easier to do this with Azure files rather than force Linux to deal with AAD.
https://docs.microsoft.com/en-us/azure/storage/files/storage-how-to-use-files-linux?tabs=smb311But if you really want to do it, a few tidbits:
- You have to open port 445, both in the VM definition in Azure and in the Linux box itself. That being said, it's a really really really bad idea to expose that to the open Internet. You should be providing a private VPN into the Azure network and then get to it from there.
- You have to configure secure LDAP (or LDAPS) to accept AAD as an authentication source: https://docs.microsoft.com/en-us/azure/active-directory-domain-services/tutorial-configure-ldaps
- Then you have to configure samba to use LDAP: https://admin.shamot.cz/?p=470#:~:text=These%20are%20only%20changes%20needed%20to%20make%20Samba,other%20attributes%20used%20by%20Samba%20to%20user%20account.
But oh my it is so much easier to use Azure Files for that
