Samba and Kerberos
Steve Langasek
vorlon at netexpress.net
Thu Jan 2 23:51:00 GMT 2003
Hi Kenneth,
On Thu, Jan 02, 2003 at 03:38:47PM -0600, Kenneth Stephen wrote:
> I am trying to understand the state of Samba using Kerberos
> authentication. I see from a search on the web that ADS support is now
> available in Samba, and presumably this uses an encrypted password
> communicated over the network rather than the behaviour that was
> previously available via the --with-krb5 flag. If so, would it not be a
> matter of implementation (as opposed to it being technically infeasible)
> to make sure that --with-krb5 now works with encrypted passwords? Can
> someone clue me in as to this please?
ADS-style Kerberos support only works when both client and server are
Kerberos-aware, so such Kerberos "encrypted passwords" support would be
limited to Win2K and WinXP clients. This is a question of technical
feasibility, not of implementation.
It appears that the --with-krb5 option is currently used in connection
with exactly this feature, and that the previous plaintext Kerberos
support has been dropped in 3.0.
--
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030102/0ba0d10d/attachment.bin
More information about the samba-technical
mailing list