[Samba] Authentication from W2K PDC..Samba 3.0beta
Jerome Walter
walter+samba at efrei.fr
Mon Jun 23 22:44:27 GMT 2003
On Mon, Jun 23, 2003 at 02:19:06PM -0800, Tim Jordan, Network Services wrote:
> Hello everyone,
>
> Can I use Ldap to authenticate against our W2K PDC? I have winbind
> working for Samba 2.2.8a - but the boss wants me to see about Ldap.
In a word no. But there is still some means to authenticate to the W2k DC (i
assume this is Active Directory) and to use LDAP to store user data.
Active Directory is mainly based on Kerberos authentication system plus LDAP
for config and user settings storage, the whole glued with proprietary
extensions.
You could authenticate to the W2k DC using Kerberos (and should so go and look
for it on the microsoft website), and then use "pseudo-LDAP" from w2k to get
informations, using for exemple credentials obtained from w2k.
w2k LDAP does not store passwords as in "nis" settings of openldap for
exemple, so you cannot authenticate against it.
You should look for the following terms, if you want to get a complete
solution :
- Active Directory
- Microsoft Interoperability web page
- MIT Kerberos website
- GSSAPI layer (mainly based on SASL system, for barbary terms ;) )
- openldap clients to get information from LDAP servers
Jerome Walter
--
-+-- Jérôme Walter - I2 EFREI ----+-
Equipe Système - Efrei Robotique - Jap'Efrei - Erasmus Tutors
"The World is my country" - "Nihon no tomodachi desu"
EFREI System and Networking guide http://perso.efrei.fr/~walter/
More information about the samba
mailing list