Deleting parameters.

Andrew Bartlett abartlet at
Mon Nov 12 06:08:02 GMT 2001

"Gerald (Jerry) Carter" wrote:
> On Mon, 12 Nov 2001, Andrew Bartlett wrote:
> > > OK.  I'll play devil's advocate here.  Have you asked ?  Or are we
> > > assuming?  Now I will also point out that as I did to Andrew B.
> > > that removing the --with-krb5 option removes certain functionality
> > > that I do not think can be supported in 3.0.  Namely, logons
> > > using Kerberos from non-win2000 clients with a non-PAM server
> > > (which there are many).
> >
> > Yes, that problem bothers me.  I think we will end up with a new
> > solution that uses the new kerberos code that is complementary to the
> > existing design.  In intend to allow PAM (and possibly krb5-plaintext)
> > to be configured at runtime, rather than at compile time.  This is
> > actually quite practical with the new auth code.
> You know, I'm glad to hear you say this.  This is the first time
> I've heard anyone mention this plan.  Will it be done in time for 3.0? :-)

If sombody codes it in time for 3.0...

I'll provide the infrustructure, but I can't say its a priority,
particularly given the viable alternitive (and proven) PAM-based method. 

In any case, I'll wait until the new kerberos code is bedded down, so I
have somthing to build on.  We will probably loose the ablity to
authenticate SWAT from it, due to linking madness.

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at

More information about the samba-technical mailing list