external authentication
Andrew Bartlett
abartlet at pcug.org.au
Thu Jan 24 14:43:13 GMT 2002
> Marbacher Christophe wrote:
>
> Hi,
>
> Is there any way to authenticate users using something else than
> static passwords stored in smbpasswd or ldap? For example tokens
> (ActivCard, SecurID, ...)? Is there a way to tell samba to launch a
> program with parameters, and depending on the result, accept or deny
> login?
>
> If anybody has an idea, it would be nice to contact me.
This is quite a possible extension to the authenticaion subsystem in
HEAD.
It would depend on both the client and the server 'knowing' the same
password (for encrypted passwords) or somthing similar for a plaintext
(PAM based) approach. The latter I presume would be secure with tokens,
but exposes issues with convincing clients to use them.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba
mailing list