Configure Samba to use domain accounts for authentication

last updated in Categories , , , , ,

Q. How can I configure Samba to use domain accounts for authentication, so that user will be authenticated?

A. Samba server provides an options that allows authentication against a domain controller. Edit your smb.conf file using vi text editor:
Type the following command as root user

# vi /etc/samba/smb.conf
$ sudo /etc/samba/smb.conf

Make sure parameters are set as follows [global] section of smb.conf file:

encrypt passwords = Yes
preferred master = No
domain master = No


  • Workgroup: This controls what workgroup your server will appear to be in when queried by clients.
  • netbios name : This sets the NetBIOS name by which a Samba server is known.
  • encrypt passwords : This boolean controls (YES or NO value) whether encrypted passwords will be used with the client. Note that Windows NT 4.0 SP3 and above and also Windows 98 will by default expect encrypted passwords unless a registry entry is changed. This is what you need to use for Window XP/2000/2003 systems.

Restart samba serve:
# /etc/init.d/samba restart

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

6 comment

  1. I am using a Samba server on a Solaris box with Windows domain controllers for certification. Every file request coming from a pc running XP is resulting in a certification request from the Samba server to the domain controller. Since we deal in thousands of files, this is consuming a bit of time.

    Is there a way to configure Samba such that the granted certification is assumed to be valid for some extended period of time — such as 5 minutes?

    Thanks for any advice you can give.

  2. I configured linux redhat samba server and already shared a directory which will be use for data sharing but problem is when we want to connect from windows Xp then we can see the share directory but we are unable to access when we double click on the share directory then appear below error message.
    ===============Error message=================
    \\\\home is not accessible. You might have permission to use this network resource. Contact the administrator of this server to find out if you have access permissions.
    Access is denied.
    Please advice how do I solve the problem

  3. Very helpful information.Thank you so much. I’ve been trying to figure out this issue. great job.Keep going

  4. The Samba share can be accessed even if we are not integrated with Domain Controller. The Share will authenticate by Username itself. If we have configured the samba share for user andrew and in domain controller there is user andrew, we can open the samba share folder.

    Is this an Bug???

  5. I have existing ldap user on ldap server now I want to use this account in samba share for giving access permission for share. How can this possible?

  6. Hello I recently joined my computer with ubuntu to a domain using an active directory and realmd sssd but want to share a folder to a specific samba domain user does not recognize the credentials that users could someone tell me the cause

    Still, have a question? Get help on our forum!