No subject

Mon Dec 1 11:34:25 GMT 2003

                        What does the Samba Team plan to do to
                        integrate Samba servers into native Windows
                        2000 domains?

                        The Samba Team hope to gain more volunteers to
help with this
                        effort. There are basically three areas of
functionality in regards to

                            A Kerberos 5 client implementation in Samba
that understands
                            the proprietary MS PAC
                            A UNIX based Kerberos 5 KDC that can issue
Windows 2000
                            The ability to read data from an Active
(i.e. LDAP) Directory
                            Server via the authorization credentials
(TGT) received from
                            the Windows 2000 Domain KDC

If SAMBA is the ONLY server in a system with MS clients, and assuming a
and a LDAP server set up to use MS schema etc, WHY is a PAC with
which is just in the LDAP schema anyway required.  The KDC could
generate a
dummy PAC, it is encrypted so that the client cant interfere with and
just passes it
around. When SAMBA get the tokens for a user requesting authentication
it can
ignore the dummy PAC and get required info via LDAP.


More information about the samba mailing list