Samba as a gateway to OpenAFS
Andrew Bartlett
abartlet at pcug.org.au
Wed May 29 14:28:04 GMT 2002
Love wrote:
>
> Andrew Bartlett <abartlet at pcug.org.au> writes:
> > > > I see no reason why this would not be possible. We would need to do a
> > > > little bit of work on the smbd side of things, but credential forwarding
> > > > is pretty standard. This assumes either a AD domain, or Samba modified
> > > > to correctlly function with krb5 but without AD (which also implies
> > > > windows clients joined to such a domain).
> > >
> > > So, so how do you tell the client to forward creds to the fileserver, and
> > > can you chose want creds you want to forward ?
> >
> > This assumes krb5, where this is all quite standard.
>
> Sure, but the question is if there any provision make for this within
> SMB/CIFS ? Doing it out of band make it quite a lot harder, since the all
> (smb) clients need to have a program that forward their creds to the
> server.
MS added krb5 to CIFS. It is one of the major pillers of 'Active
Directory'. Samba 3.0 has support for kerberos authenticated clients.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list