svn commit: samba r11471 - in branches/SAMBA_4_0/source/ntvfs/cifs:
.
abartlet at samba.org
abartlet at samba.org
Wed Nov 2 04:24:04 GMT 2005
Author: abartlet
Date: 2005-11-02 04:24:04 +0000 (Wed, 02 Nov 2005)
New Revision: 11471
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=11471
Log:
Describe how kerberos forwarding works with the ntvfs.
Andrew Bartlett
Modified:
branches/SAMBA_4_0/source/ntvfs/cifs/README
Changeset:
Modified: branches/SAMBA_4_0/source/ntvfs/cifs/README
===================================================================
--- branches/SAMBA_4_0/source/ntvfs/cifs/README 2005-11-02 04:12:47 UTC (rev 11470)
+++ branches/SAMBA_4_0/source/ntvfs/cifs/README 2005-11-02 04:24:04 UTC (rev 11471)
@@ -3,9 +3,14 @@
backend is for debugging and development, although some poeple may
find it useful as a CIFS gateway.
+There are two modes of operation: Password specified and delegated
+credentials.
-Here is a typical config:
+Password specified:
+-------------------
+This uses a static username/password in the config file, example:
+
[myshare]
ntvfs handler = cifs
cifs:server = myserver
@@ -14,3 +19,22 @@
cifs:domain = TESTDOM
cifs:share = test
+
+Delegated credentials:
+----------------------
+
+If your incoming user is authenticated with Kerberos, and the machine
+account for this Samba4 proxy server is 'trusted for delegation', then
+the Samba4 proxy can forward the client's credentials to the target.
+
+You must be joined to the domain (net join <domain> member).
+
+To set 'trusted for delegation' with MMC, see the checkbox in the
+Computer account property page under Users and Computers.
+
+[myshare]
+ ntvfs handler = cifs
+ cifs:server = myserver
+ cifs:share = test
+
+
More information about the samba-cvs
mailing list