Why isn't Kerberos supported on Windows Shares (via smbmount 3.0rc4)?

Andrew Bartlett abartlet at samba.org
Thu Sep 25 00:06:47 GMT 2003

On Thu, 2003-09-25 at 09:33, Steve Smtih wrote:
> Why can smbclient leverage kerberos, but smbmount can
> only user Kerberos against Samba shares (not windows
> shares)?

smbmount must use 'dos' error codes, due to the fact that the
kernel-side smbfs only knows about 'dos' error codes.  For some reason,
microsoft does not allow you to use 'extended security' if you only
speak dos error codes (I presume it just thinks that you must be 'too
old' to know about such advanced things). 

Samba does allow this (why shouldn't we?), and so we can do kerberos.

The CIFS VFS (http://us1.samba.org/samba/Linux_CIFS_client.html) is
going to implement this, I think.  

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030925/964db3b4/attachment.bin

More information about the samba-technical mailing list