[Samba] OpenLDAP,heimdal kerberos,sasl, wich order?

Andrew Bartlett abartlet at samba.org
Fri Apr 23 12:00:56 GMT 2004


On Fri, 2004-04-23 at 20:38, Adam Tauno Williams wrote:
> > > http://www.math.gatech.edu/~dijuremo/ldap/
> > However, you can add Kerberos to your existing Samba LDAP server.  That
> > is, if you run Heimdal 0.6.1 (or better still a snapshot) you can use
> > your sambaNTpassword as the type 23 encryption key, and have
> > linux/unix/OSX clients use kerberos.
> 
> Just curious is Heimdal will honor account flags like locked or
> disabled?  

Yes.  Not very well, but they are honoured.  (I need to look into the
mapping a bit more)

> And does it update/use the password can/must change
> attributes (for expiration, etc..)?

Not at present.  What I really want to see is the password policy stuff
go into OpenLDAP, and have it set the values for all users.  

Andrew Bartlett
-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040423/9039760b/attachment.bin


More information about the samba mailing list