[Samba] Samba pwd in kerberos?
Andrew Bartlett
abartlet at samba.org
Sun Aug 1 05:17:15 GMT 2004
On Sat, 2004-07-31 at 05:52, Sensei wrote:
> Hi. As I said... I will bother you. :)
>
> I'm wondering if it's possible to make samba as a primary domain
> controller without having samba passwords, but instead using my two KDCs
> (MIT K5).
>
> Is it possible? What should I use in my smb.conf? The wonderful and less
> painful thing is samba authenticating via pam... but I don't know how...
> the documentation is quite misty.
A PDC requires direct access to the passwords - it cannot use a separate
KDC.
However, you can make your KDC and Samba share a password database - the
'lorikeet' extensions to Heimdal (included in Heimdal snaphots) allow a
KDC to run with Samba passwords as the backend.
There is still work to do, but there is a good write up here:
https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap
Andrew Bartlett
--
Andrew Bartlett abartlet at samba.org
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040801/82c8be38/attachment.bin
More information about the samba
mailing list