[Samba] Kerberos support in 3.0?

pll+samba at permabit.com pll+samba at permabit.com
Mon Feb 23 17:43:15 GMT 2004

Hi all,

I'm about to begin building a single-sign-on environment (hopefully). 
We just brought our first set of Windows-based PCs in, and would like 
to integrate them into our existing Linux/MacOS X environment.

We are currently running MIT Kerberos, and would like to create a 
Samba PDC which authenticates against these KDCs.  Another parallel 
project is to migrate to OpenLDAP.  I haven't found a lot of 
documentation regarding Samba, LDAP, *and* kerberos.  It seems the 
LDAP information is there, but the krb5 stuff hasn't been addressed 
as well.

Can someone provide pointers to any existing docs on using Samba and 

The things I'm not clear on are:

  - does the Windows client need krb5 client sw installed to auth 
    directly against the kdc, or the it proxy this through the Samba 
  - Does the Samba PDC auth directly against the kdc, or punt that to 
    the LDAP server?


GPG Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

	 If you're not having fun, you're not doing it right!

More information about the samba mailing list