Samba as a gateway to OpenAFS
abartlet at pcug.org.au
Wed May 29 14:28:04 GMT 2002
> Andrew Bartlett <abartlet at pcug.org.au> writes:
> > > > I see no reason why this would not be possible. We would need to do a
> > > > little bit of work on the smbd side of things, but credential forwarding
> > > > is pretty standard. This assumes either a AD domain, or Samba modified
> > > > to correctlly function with krb5 but without AD (which also implies
> > > > windows clients joined to such a domain).
> > >
> > > So, so how do you tell the client to forward creds to the fileserver, and
> > > can you chose want creds you want to forward ?
> > This assumes krb5, where this is all quite standard.
> Sure, but the question is if there any provision make for this within
> SMB/CIFS ? Doing it out of band make it quite a lot harder, since the all
> (smb) clients need to have a program that forward their creds to the
MS added krb5 to CIFS. It is one of the major pillers of 'Active
Directory'. Samba 3.0 has support for kerberos authenticated clients.
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical