[Samba] Smart card logon
abartlet at samba.org
Thu Feb 21 08:50:24 GMT 2008
On Thu, 2008-02-21 at 08:48 +0100, Asier Baranguán wrote:
> Andrew Bartlett escribió:
> >> It's one task of my daily work. I've deployed smartcard logons in several customer
> >> scenarios, with Windows 2003 Enterprise domains using n-level certification autorities,
> >> using Microsoft CA Certificate Services and externally trusted certification authorities.
> >> Some clients have Linux-based servers and workstations. Making smartcard logon work in
> >> this systems would be very, very appreciated.
> > OK, I wasn't particularly looking at the client end, but this has been
> > known to work. The group I'm part of at Red Hat demo'ed this working
> > while showing off using Red Hat certificate system.
> What were you looking for? server side? I mean, integration in server side between a CA
> and the server?
Quite simply: What do I have to do to make a WinXP client accept a
smartcard for login, when in a Samba4 domain.
I have a CA and tokens, but not much knowledge on how to use them... (I
have access to Red Hat's proprietary product & token, as well as an
Aladdin token and software).
> > I can help you with this, and perhaps you can help me making Samba4 as a
> > server and KDC support this, for windows clients.
> That would be great, I'm very interested in this setup.
I'll see what I can find out for you, but have you tried out Fedora 8's
smartcard integration? With the right pcsc drivers loaded, it should
mostly be a matter of configuration with system-config-auth.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20080221/99ad2676/attachment.bin
More information about the samba-technical