[Samba] SaMBa - authenticate Linux machines
Andrew Bartlett
abartlet at samba.org
Mon Jul 12 02:20:48 GMT 2004
On Mon, 2004-07-12 at 10:45, Alex Satrapa wrote:
> On 11 Jul 2004, at 05:50, Keppler wrote:
>
> > it is possible a server Samba authenticate Linux/FreeBSD machines?
>
> You may be better off using LDAP for both Samba and Unix account
> logins. This means you can also use an LDAP aware mail server (for
> example).
>
> Some people use winbind where the user accounts are managed by an
> existing Windows PDC.
The other option that I'm trying to make more mainstream is the use of
Heimdal kerberos for this task.
Many sites have a Samba PDC, and the Samba passwords, but can't get the
original plaintext. (For example, they vampired them from NT).
I've worked with the maintainers of Heimdal kerberos to allow Samba's
password database to be the backend behind Hedimdal.
In the same way that Microsoft migrated to kerberos on a WinNT -> Win2k
upgrade, so a Samba server can also provide Kerberos.
On the clients, all you need is current kerberos libraries (MIT 1.3.1 is
what I test with). Things like pam_krb5 just work!
Andrew Bartlett
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040712/e766da92/attachment.bin
More information about the samba
mailing list