LDAP samdb and "ldap ssl" (fwd)
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 3 08:14:02 GMT 2002
On Thu, 3 Jan 2002, Steve Langasek wrote:
> On Thu, Jan 03, 2002 at 10:20:08PM +1100, Andrew Bartlett wrote:
>
> > On a similar matter, how about allowing the use of kerberos
> > authentication? We could use much of the code currently being used for
> > ADS support to allow Samba to do a kerberos authenticated bind to the
> > LDAP server.
>
> > We might need to teach smbd how to use /etc/krb5.keytab again, but it
> > doesn't look that hard to do.
>
> > How does this sound?
>
> In case it helps sway opinion on the question, I'll mention that using
> the GSSAPI auth mechanism for SASL LDAP will normally get you an
> encrypted connection to boot (usually only DES, but it's better than
> plaintext).
I'll work on this, but it will come later. I want to get the
LDAP out of the "expiriemental" stage first and stable. This is a feature
for round 2.
chau, jerry
---------------------------------------------------------------------
Hewlett-Packard http://www.hp.com
SAMBA Team http://www.samba.org
-- http://www.plainjoe.org
"Sam's Teach Yourself Samba in 24 Hours" 2ed. ISBN 0-672-32269-2
--"I never saved anything for the swim back." Ethan Hawk in Gattaca--
More information about the samba-technical
mailing list