LDAP samdb and "ldap ssl" (fwd)
Steve Langasek
vorlon at netexpress.net
Thu Jan 3 07:33:08 GMT 2002
On Thu, Jan 03, 2002 at 10:20:08PM +1100, Andrew Bartlett wrote:
> On a similar matter, how about allowing the use of kerberos
> authentication? We could use much of the code currently being used for
> ADS support to allow Samba to do a kerberos authenticated bind to the
> LDAP server.
> We might need to teach smbd how to use /etc/krb5.keytab again, but it
> doesn't look that hard to do.
> How does this sound?
In case it helps sway opinion on the question, I'll mention that using
the GSSAPI auth mechanism for SASL LDAP will normally get you an
encrypted connection to boot (usually only DES, but it's better than
plaintext).
Cheers,
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020103/db3f9436/attachment.bin
More information about the samba-technical
mailing list