Samba and Kerberos

Kenneth Stephen y2kmvs at
Fri Jan 3 00:29:00 GMT 2003

On Thu, 2 Jan 2003, Steve Langasek wrote:

> Hi Kenneth,
> ADS-style Kerberos support only works when both client and server are
> Kerberos-aware, so such Kerberos "encrypted passwords" support would be
> limited to Win2K and WinXP clients.  This is a question of technical
> feasibility, not of implementation.

	Not sure what this means. If I run the Samba server on the same
machine as a server which understood Kerberos authentication (for example,
AIX 5.1 with a DCE based KDC), would that qualify? What about the
extra info that Microsoft stuffs into the Kerberos protocol that I've
heard Win client _need_? I need Samba working with a non-Microsoft KDC.

	Yes, Paul Henson's sec_auth patches are available on the net, but
my understanding of the way that solution works is that once you have an
id working via sec_auth, it wouldnt work via straighforward telnet / ssh.
Also, I never quite got it to work correctly with IBM DCE 3.1 .


More information about the samba-technical mailing list