who is creating TESTDIR.TMP ?
Jeremy Allison
jra at samba.org
Fri Nov 23 22:19:42 EST 2001
On Fri, Nov 23, 2001 at 02:30:18AM -0800, Andrew Tridgell wrote:
> > Which bits of the kerberos-foo btw ?
>
> well, I've got the ldap and krb5 code netjoin integrated into samba
> head now, just doing a few final cleanups (error handling, leaks)
> before I commit. Maybe tomorrow.
>
> I've also got it to not need nearly so many parameters in krb5.conf, I
> now override them. krb5.conf is still needed for the netjoin because
> there doesn't seem any way of overriding defaults in the Cyrus sasl
> library, but smbd and smbclient can do without krb5.conf now.
>
> Also, I'm storing the machine password in secrets.tdb, and creating an
> encryption block on the fly, so you don't need a krb5.keytab. That
> took a *lot* of incredibly messy kerberos code to get right, but we
> had to do it in order to support old clients via NTLM when we are an
> ADS member.
Very cool. I'll love to peruse it when it's checked in. When you've
finished all this work you should write a book on "programming with
kerberos 5" :-) :-).
Jeremy.
More information about the samba-cvs
mailing list