[Samba] winbind/krb5 questions

Gerald (Jerry) Carter jerry at samba.org
Thu Aug 26 15:04:28 GMT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jay Ted wrote:
| After setting up winbindd, krb5 and pam, I can log
| into my linux server and be authenticated against the AD.
| When I am logged into the linux server should I have any
| tickets shown with klist?  I can manually runkpass after login
| but I would like this to be automated, wasn't sure if I should
| be using the pam_krb5 module to take care of creating the ticket
| at login.

pam_winbindd doesn't use krb5 to authenticate requests.  So
therefore no tickets.  I would recommend pam_krb5 in this
case (there's a creds option to get it to keep your tickets
when you login).

| How do I handle the passwd commands?  If a user trys to change
| their password while logged into the linux server are they
| supposed to use the smbpasswd command?

You can use pam_winbind.so or pam_krb5 (though probably the
latter is easier if you are wanting a more krb5 oriented solution).




cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot (2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBLfv8IR7qMdg1EfYRAs0zAJ98CgEKol5LD9olGblkS3yBKqzOKACg30sB
fcie94FlRToYnibOPOA0Tx4=
=aTvH
-----END PGP SIGNATURE-----


More information about the samba mailing list