[Samba] Samba and Kerberos

pll+samba at permabit.com pll+samba at permabit.com
Thu Jun 3 14:06:02 GMT 2004

Is there anyway to have Samba auth against Kerberos?

I'm not looking for DC capability, or integration with AD, or 
anything fancy.  I don't want/need Samba to obtain K5 tickets on 
behalf of the client. All I want is to have Samba auth the username and 
password against an existing kerberos environment much like I have 
IMAP doing now.

Is it possible to have Samba auth against PAM, which could be 
configured to use pam_krb5.so?  If so, can someone point me to docs 
on doing this?  I found http://www.samba.org/samba/docs/man/pam.html
which seems to indicate it's possible, however, I'm also assuming 
that to use this, I'd need to have the Windows clients transmitting 
their passwords in cleartext, which I'm not so keen on (unless 
there's some way to run Samba over SSL or the like?)

Thanks for any pointers anyone can throw my way.

GPG Key fingerprint = 1660 FECC 5D21 D286 F853  E808 BB07 9239 53F1 28EE

	 If you're not having fun, you're not doing it right!

More information about the samba mailing list