I have joined a server running Rocky 8.7 to a domain using realm. I am able to login locally, ssh and sudo using a active directory account. I have some samba shares I can access with a local account. How do I access the samba shares and authenticate to active directory?
It’s been a long while since I’ve tried this, so my information/knowledge may be a bit off. As far as I know, there’s a couple ways to do it. Though first what I would verify is you can run
smbclient -L //domain/share -m SMB3 -k and see if you get results back for your share.
As for the ways to mount it with your AD credentials, you can use the kerberos ticket you get when logging in with an AD user (check
klist) or you can specify the credentials needed in
/root/.credfile, which mount should hopefully pick up.
To do the former, you can try to do something like:
sudo mount -t cifs -o _netdev,user=yourusername,cruid=yourusername,sec=krb5 //domain/path /where/to/mount
/root/.credfile, it would look like this:
username=... password=... domain=addomain
The mount command would be something like this, adding in other options as you need.
sudo mount -t cifs -o _netdev,credentials=/root/.credfile //domain/path /where/to/mount
Optionally, you can you can add
gid=...,uid=... if you want it to owned completely by your user and no one else on the system. You can also set