[PATCH] samba3-keytab
Steve Langasek
vorlon at netexpress.net
Tue Sep 2 17:50:28 GMT 2003
On Tue, Sep 02, 2003 at 05:39:44PM +0000, Jeremy Allison wrote:
> On Tue, Sep 02, 2003 at 07:31:27PM +0200, Guenther Deschner wrote:
> > hi,
> >
> > attached is my latest version of the keytab-patch for 3_0:
> Nice patch but I hate the docs I'm afraid. We need to explain
> what a keytab file is, and why you might want one.
> Remember, Microsoft makes this stuff *easy*. So does Samba
> with a keytab in the secrets.tdb (ie. people don't have to
> know it exists).
> If you want an external one please explain *why* in the docs.
If use of a keytab alone is now a viable option, why should it not be
used by *default* in place of secrets.tdb, with no explanation
necessary? For those with Unix Kerberos experience who want this, we
don't have to be told why using a keytab is beneficial: storing the key
information in secrets.tdb may be more *automatic*, but I would hardly
call it *easier*. :)
All things being equal, creating a keytab that can be accessed directly
with the standard Unix Kerberos tools in the same directory as
secrets.tdb would be far friendlier than the current behavior, IMHO.
--
Steve Langasek
postmodern programmer
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030902/4cb71659/attachment.bin
More information about the samba-technical
mailing list