Tue Dec 2 04:10:01 GMT 2003
(1) User primes Samba server with cleartext password somehow - this can be
done out-of-band in a secure manner.
(2) Using Samba + the Fokstraut code, a DBM database is maintained on the
Samba server that contains the user's username, cleartext password, and
Windows password hash.
(3) The user connects to the Samba server using normal SMB encrypted
authentication. The Samba server authenticates the user using the windows
password hash in the DBM database, and then gets the user AFS tokens by
using the cleartext password in the DBM database.
Is this functionality what is still under developement, or are you refering
to some of the new development work you are doing to get rid of the need
for cleartext passwords all together? I'm working on a web account
management framework that could take care of (1), so your solution looks
really good to me as it stands.
Daniel Clark # Sys Admin & Release Engineer
IBM > Lotus > Messaging Technology Group
More information about the samba-technical