[Samba] All-Linux LAN solution with windows compatibility
Simon Brenner
simon.brenner at home.se
Sun Oct 19 11:51:52 GMT 2003
This is a school project, but you might find it interresting anyways ;-)
We have one server running Debian and a client also running Debian. On
top of this we have ~5 mixed clients (windows and linux). This LAN will
be merged with other LAN's later on (all of them running Windows 2000
Active Directory)
The original plan was to use kerberos for one-login auth, OpenLDAP as
directory server, and OpenAFS for file sharing. We have already fixed an
IMAP mail server, that authenticates to our MIT KerberosV KDC.
All went fine up until the OpenAFS installation (kerberos was
surprisingly easy to pull off, heard it was a PITA), and it seems
impossible to install the Debian packages or to make from source, so
we're looking towards Samba (this will probably simplify our merger with
the windows groups later on, which is an additional plus).
Now to the question(s):
How do we make samba authenticate to our (custom) kerberos server? (My
thought was that the kerberos and LDAP could emulate an AD domain, but
perhaps that is impossible?)
Should we run samba as a PDC instead? ( :-( and we spent so much time
installing kerberos)
If we need to run Samba as a PDC (Samba3 can be an AD PDC, can't it?),
what will happen to our IMAP server that authenticates to the currently
running kerberos KDC? What would we need to change to make it
authenticate against Samba's AD kerberos?
Criteria:
- We want to enforce kerberos authentication for all clients.
- Windows compatability is very nice, since this LAN will be merged with
a windows LAN later on
- IMAP authentication through kerberos
I (and we) would be very grateful for any help with this
We thank you, Revered Gurus of Samba ;-)
// Simon Brenner
More information about the samba
mailing list