Deleting parameters.
Andrew Bartlett
abartlet at pcug.org.au
Mon Nov 12 06:08:02 GMT 2001
"Gerald (Jerry) Carter" wrote:
>
> On Mon, 12 Nov 2001, Andrew Bartlett wrote:
>
> > > OK. I'll play devil's advocate here. Have you asked ? Or are we
> > > assuming? Now I will also point out that as I did to Andrew B.
> > > that removing the --with-krb5 option removes certain functionality
> > > that I do not think can be supported in 3.0. Namely, logons
> > > using Kerberos from non-win2000 clients with a non-PAM server
> > > (which there are many).
> >
> > Yes, that problem bothers me. I think we will end up with a new
> > solution that uses the new kerberos code that is complementary to the
> > existing design. In intend to allow PAM (and possibly krb5-plaintext)
> > to be configured at runtime, rather than at compile time. This is
> > actually quite practical with the new auth code.
>
> You know, I'm glad to hear you say this. This is the first time
> I've heard anyone mention this plan. Will it be done in time for 3.0? :-)
If sombody codes it in time for 3.0...
I'll provide the infrustructure, but I can't say its a priority,
particularly given the viable alternitive (and proven) PAM-based method.
In any case, I'll wait until the new kerberos code is bedded down, so I
have somthing to build on. We will probably loose the ablity to
authenticate SWAT from it, due to linking madness.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list