Fixes for S3 DCE/RPC GSSAPI with Heimdal
lukeh at padl.com
Fri Apr 22 07:31:51 MDT 2011
> BTW: gss_wrap_iov() doesn't work with all encryption types in heimdal.
Yes, good point. MIT supports all enctypes.
BTW, does this mean that Samba 3 now can use GSS-API out of the box? I'd like to test it with GSS EAP. What happens if the authorisation data isn't available -- will it fallback to winbindd or something? (It's possible to tunnel authorisation data via GSS EAP but for a proof of concept I'd like to avoid it.)
Of course, I'm happy to use either Samba 3 or 4; I just haven't looked at either trees for a few years now.
More information about the samba-technical