APPLICATION NOTE
Active Directory Integration for Samba
Centrify's packaged and tested version of Samba works seamlessly on systems that have been joined to Active Directory using DirectControl
"We were impressed that within minutes we could get DirectControl up and running and working seamlessly with Samba, something that was not possible with alternatives we considered."
Christopher Smith
IS Manager, RadioFrame Networks
Learn More
Our white paper details how DirectControl can make Samba more secure, more manageable, and enterprise ready.
Try It for Yourself
This version of Samba has been enhanced to work seamlessly with DirectControl. To see for yourself how DirectControl enables you to centrally control access to UNIX, Linux and Mac systems from Active Directory:
Samba enables Windows users to access file shares on a UNIX server using native Windows SMB protocols. Samba can be configured to use Active Directory to authenticate Windows users. However, when a Windows user saves a file on a UNIX share, Samba must assign UNIX user and group IDs to the file. Windows users do not typically have UNIX profiles, so Samba will set and store arbitrary values for these attributes on each UNIX server. Since Samba does not have a way to centrally store UNIX identity information in Active Directory, users can have different attributes from one server to the next. In most enterprise situations, this is not a workable solution.
Centrify overcomes this shortcoming with a packaged and tested version of Samba that works seamlessly on systems that have been joined to Active Directory using DirectControl. Centrify provides this DirectControl-enabled version of Samba free of charge to help you be more productive and to accelerate your deployment. Customers and those evaluating DirectControl can download it from the Centrify Download Center. See below for more insight into the features and benefits of using the DirectControl-enabled Samba.
Centrify's unique Support for Open Source Software plan provides the same benefits as product support, including guaranteed service levels and other benefits.
Features and Benefits
Centrify's Dave Daugherty explains our packaged and tested version of Samba, and how DirectControl provides centralized ID mapping through Active Directory.
Centrify's Samba solution makes this Open Source tool enterprise-ready and provides the following additional key features to enable Active Directory users to securely and consistently access UNIX SMB file shares:
Centrally controlled user identity mapping. The DirectControl for Samba module controls the mapping of Active Directory accounts to UNIX Zone profiles to ensure consistent file system access controls across all servers that are joined to the Active Directory domain with DirectControl.
Multi-domain single sign-on support. Users from one Active Directory domain can access Samba shares on servers in another trusted domain without being prompted for their credentials. This is the same behavior that users would expect when using an all-Windows environment.
Active Directory group-based access controls. Some UNIX operating systems limit the number of groups that a user can belong to. For example, a Solaris user can not be a member of more than 32 groups. Centrify's solution overcomes this limitation and also supports nested groups, enabling Samba to leverage Active Directory groups for file access control regardless of the UNIX operating system's limitations.
Automated configuration. The DirectControl for Samba solution includes scripts to automatically configure Samba to work with DirectControl and Active Directory, and scripts to start the appropriate services each time the UNIX system boots. Centrify includes pre-compiled binary versions of the DirectControl-enabled Samba package for each of the supported platforms.
Supported Platforms
| Systems A-Z | 32-bit | 64-bit | ||
How to read this chart:
 = Supported
 = Recent Additions
 = Coming Soon
|
||||
 CentOS Linux |
3.8 x86 | |
 |
|
| 3.8 x86_64 | |
|
||
| 4.4 x86 | |
|
||
| 4.4 x86_64 | |
|
||
| 5.0 x86 | |
|
||
| 5.0 x86_64 | |
|
||
| Debian Linux |
3.0 x86 | |
|
|
| 3.1 x86 | |
|
||
| 4.0 x86 | |
|
||
| Hewlett Packard HP-UX |
11.00 PA-RISC | |
|
|
| 11.00 PA-RISC Trusted | |
|
||
| 11.11 PA-RISC | |
|
||
| 11.11 PA-RISC Trusted | |
|
||
| 11.23 Itanium | |
|
||
| 11.23 Itanium Trusted | |
|
||
| 11.31 Itanium | |
|
||
| 11.31 Itanium Trusted | |
|
||
| IBM AIX |
5.1 | |
|
|
| 5.2 | |
|
||
| 5.3 | |
|
||
| 6.1 | |
|
||
| Novell SUSE Linux |
Ent. Server 8.0 x86 | |
|
|
| Ent. Desktop 9.0 x86 | |
|
||
| Ent. Server 9.0 x86 | |
|
||
| Ent. Server 9.0 x86_64 | |
|
||
| Ent. Desktop Pro 9.1 x86 | |
|
||
| Ent. Desktop Pro 9.2 x86 | |
|
||
| Ent. Desktop Pro 9.3 x86 | |
|
||
| Ent. Desktop 10.0 x86 | |
|
||
| Ent. Server 10.0 x86 | |
|
||
| Ent. Server 10.0 x86_64 | |
|
||
| OpenSUSE Linux |
10.1 x86 | |
|
|
| 10.1 x86_64 | |
|
||
| 10.2 x86 | |
|
||
| 10.2 x86_64 | |
|
||
| 10.3 x86 | |
|
||
| 10.3 x86_64 | |
|
||
| Oracle Enterprise Linux |
4.0 x86 | |
|
|
| 4.0 x86_64 | |
|
||
| 5.0 x86 | |
|
||
| 5.0 x86_64 | |
|
||
| Red Hat Linux |
9.0 x86 | |
|
|
| Red Hat Enterprise Linux |
AS/ES/WS 3.0 x86 | |
|
|
| AS/ES/WS 3.0 x86_64 | |
|
||
| AS/ES/WS 4.0 x86 | |
|
||
| AS/ES/WS 4.0 x86_64 | |
|
||
| AS/ES/WS 5.0 x86 | |
|
||
| AS/ES/WS 5.0 x86_64 | |
|
||
| AS/ES/WS 5.1 x86 | |
|
||
| AS/ES/WS 5.1 x86_64 | |
|
||
| Red Hat Fedora |
Core 3 x86 | |
|
|
| Core 3 x86_64 | |
|
||
| Core 4 x86 | |
|
||
| Core 4 x86_64 | |
|
||
| Core 5 x86 | |
|
||
| Core 5 x86_64 | |
|
||
| 6 x86 | |
|
||
| 6 x86_64 | |
|
||
| 7 x86 | |
|
||
| 7 x86_64 | |
|
||
| Scientific Linux |
3.0.8 x86 | |
|
|
| 3.0.8 x86_64 | |
|
||
| 4.4 x86 | |
|
||
| 4.4 x86_64 | |
|
||
| 4.5 x86 | |
|
||
| 4.5 x86_64 | |
|
||
| 5.0 x86 | |
|
||
| 5.0 x86_64 | |
|
||
| Silicon Graphics IRIX |
6.5.22 MIPS | |
|
|
| 6.5.23 MIPS | |
|
||
| 6.5.24 MIPS | |
|
||
| 6.5.25 MIPS | |
|
||
| 6.5.26 MIPS | |
|
||
| 6.5.27 MIPS | |
|
||
| 6.5.28 MIPS | |
|
||
| 6.5.29 MIPS | |
|
||
| Sun Solaris |
8 SPARC | |
|
|
| 9 SPARC | |
|
||
| 9 x86 | |
|
||
| 10 SPARC | |
|
||
| 10 x86 | |
|
||
| 10 x86_64 | |
|
||
| Ubuntu Linux |
Desktop 6.06 LTS x86 | |
|
|
| Server 6.06 LTS x86 | |
|
||
| Desktop 7.04 x86 | |
|
||
| Server 7.04 x86 | |
|
||
| Desktop 7.10 x86 | |
|
||
| Server 7.10 x86 | |
|
||
 |