Samba4/HOWTO/Setup a Single Sign-On Website

From SambaWiki
Revision as of 22:56, 23 July 2012 by Intruder0815 (talk | contribs) (→‎Requirements: added content)


This Howto aims to show a clean way to setup a website that provides:

  • SSL encryption (HTTPS) by using a self-signed certificate
  • single sign-on from within your Samba4 domain
  • optional login from outside (user/password prompt)
  • full Kerberos 5 authentication security

The type of setup shown here is very minimal. It is intended to get you a basic idea of how the process works.


You may provide a secured intranet website for your clients, hosting private content on a per-user basis.

It´s also possible to develop a web based application for domain management, using Kerberos/LDAP and Samba´s Python API. More information on this topic may be provided in another document.


  • Samba4 setup as domain controller
  • a working DNS configuration
  • a working Kerberos configuration

It`s recommended to follow the setup process described at Samba4/HOWTO.



Active Directory

Windows Client(s)