[Samba] Thoughts for you geniuses
Andrew Bartlett
abartlet at samba.org
Thu Feb 20 05:58:27 GMT 2003
On Thu, 2003-02-20 at 02:00, Robert Adkins II wrote:
> Joel,
>
> The final piece you mention is, from what I know, currently
> impossible under Linux. While Windows 2000 does use a MS modified
> Kerberos system, I understand that it is quite different then the true
> Kerberos standard. To have network-wide authentication, you could look
> at developing an LDAP system, which the MS systems should be able to use
> for authentication.
MS's implementation of kerberos introduced a new 'encryption type', but
other than that, it really isn't anything particularly special. It
really is just like MIT, with a couple of hacks for NT compatibility
with how NT has historically been organized. Plus they added the PAC,
which they have now documented.
Running winbindd on your clients and joining the domain will certainly
allow you to log into the workstation with domain passwords.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20030220/eedca7c0/attachment.bin
More information about the samba
mailing list