[Samba] Samba-3 openldap gssapi auth to kerberos
geza at kzsdabas.sulinet.hu
Tue Apr 6 17:55:10 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Peter Nyberg írta:
| How do I configure smb.conf and/or Pam as a single sign on server if I
| LDAP server with a Kerberos as password backend through gssapi?
| I only see either Samba/ldap as PDC or Samba/kerberos with ads on the
| Not both at the same time?
| I've already configured samba with LDAP and Kerberos support.
| to works. I also configured Samba with ads and Pam support if needed?
Unfortunatelly not yet.
Windows clients need an MSPAC in their Kerberos tickets, and as usual
with M$ "inventions" they keep thats a trade secret, so currently only
AD Kerberos servers can do that.
However you can have a Heimdal Kerberos server (current snapshots) with
LDAP backend authenticate your UNIX users against NT password hashes.
For more info you can search the Heimdal or the Samba-technical mailing
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba