svn commit: samba r12345 - in trunk/source: . nsswitch
gd at samba.org
gd at samba.org
Mon Dec 19 04:04:40 GMT 2005
Author: gd
Date: 2005-12-19 04:04:40 +0000 (Mon, 19 Dec 2005)
New Revision: 12345
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12345
Log:
Add Kerberos authentication to winbindd.
This allows a winbindd client to let the winbindd daemon do the PAM_AUTH
using Kerberos, if the client chooses a known ccache pragma (e.g.
"FILE", winbindd won't us a memory ccache and instead create a ccache
for that user and put a TGT into. Winbindd then will also request a
service ticket for itself to retrieve the PAC to store the info3 in the
samlogon cache. Currently we simply trust that client's uid for creating
a ccache, this must most probably be changed again. (this would allow a
user a to overwrite the ccache of user b when user a know the password
of user b).
Guenther
Modified:
trunk/source/Makefile.in
trunk/source/nsswitch/winbindd_nss.h
trunk/source/nsswitch/winbindd_pam.c
Changeset:
Sorry, the patch is too large (638 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12345
More information about the samba-cvs
mailing list