RFC: Kerberos client support

Jeremy Allison jeremy at valinux.com
Mon Oct 23 18:01:39 GMT 2000

On Mon, Oct 23, 2000 at 05:28:19PM +0100, Mayers, Philip J wrote:

> I've said several times that I'm going to look at implementing Kerberos
> client support in Samba, and now it's gotten to the point where it would be
> seriously useful to me. So, I'm going to start down a (probably long and
> painful) road of research & development...
> Before I start, is anyone else working on this, does anyone else want to
> cooperate, and if anyone has done any investigative work (and come up with
> "Too hard, we need X and Y and Z before that") then please let me know. The
> mailing list would seem an appropriate place to discuss this?
> What I'm talking about: Allowing Samba as a file-server to accept
> Kerberos/GSSAPI authentication from incoming client connections, by
> accepting and supplying "extended security" in the SMB NegProt. This has
> nothing to do with PDC functionality, in the large-scale, although having
> this infrastructure in place will probably be necessary for Native-mode
> Win2K support.

I have a CD that was given out at the CIFS conference containing
packet sniffs and a paper on implementing kerb5 support for
a mainframe SMB server (can't remember the company, sorry).

I will hunt this down and get the info to you. As soon as
this is coded up (by anyone) I'll get it into the next
Samba release ASAP !

I'd love to co-operate but am currently chasing down bugs
and integrating patches for the 2.2.0 release - as soon as
that is out of the door I'd love to work on this with you
as I worked on the MIT Kerb5  source code whilst I was at

Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list