RFC: Kerberos client support

Mayers, Philip J p.mayers at ic.ac.uk
Mon Oct 23 16:28:19 GMT 2000


I've said several times that I'm going to look at implementing Kerberos
client support in Samba, and now it's gotten to the point where it would be
seriously useful to me. So, I'm going to start down a (probably long and
painful) road of research & development...

Before I start, is anyone else working on this, does anyone else want to
cooperate, and if anyone has done any investigative work (and come up with
"Too hard, we need X and Y and Z before that") then please let me know. The
mailing list would seem an appropriate place to discuss this?

What I'm talking about: Allowing Samba as a file-server to accept
Kerberos/GSSAPI authentication from incoming client connections, by
accepting and supplying "extended security" in the SMB NegProt. This has
nothing to do with PDC functionality, in the large-scale, although having
this infrastructure in place will probably be necessary for Native-mode
Win2K support.


| Phil Mayers, Network Support     |
| Centre for Computing Services    |
| Imperial College                 |

More information about the samba-technical mailing list