Trust status
Andrew Bartlett
abartlet at samba.org
Wed Dec 3 20:53:29 GMT 2008
On Wed, 2008-12-03 at 13:40 +0100, Stefan (metze) Metzmacher wrote:
> Hi Andrew,
>
> what's the status of trust support in samba4?
Very poor. This is my next task, once I get the extended DN work in.
> Can NT4 trust us?
Probably.
> Can we trust NT4?
No.
> Can an AD-Forest trust us using krb5?
We have some of the KDC parts done (as Heimdal has cross-realm already),
but in setting up the trust windows asks us to use a LSA Op that we
don't yet implement.
> Can we trust an AD-Forest using krb5?
Similarly, this should be the next task.
> Can an AD-Forest trust us using ntlmssp?
> Can we trust an AD-Forest using ntlmssp?
Both of these require more work with winbind and creating a
map of the full transitive set of trusts.
> Can Samba3 trust us? (With the extended dn fixes applied)
I hope to have this working soon.
> Can we trust Samba3?
No.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20081204/3da7a44b/attachment.bin
More information about the samba-technical
mailing list