[Samba] HOW-TO (mini): Samba in an ADS environment
Andrew Bartlett
abartlet at samba.org
Sat May 1 00:34:21 GMT 2004
On Sat, 2004-05-01 at 04:29, Bob Rasey wrote:
> Hi Mark,
>
> On Fri, Apr 30, 2004 at 07:40:52PM +0200, Mark Proehl wrote:
> >
> > I read your mini howto. You suggest to delete /etc/krb5.keytab. But this file
> > is needed by other kerberized services on the unix server, eg. sshd.
> >
> > Is it possible to use the same keytab file for samba and the other services?
> >
> > What happens to other kerberized services if samba changes the server key?
>
> I'm no Samba expert, but my understanding of how I've set this system
> up is that authentication on the Linux side happens via Winbind, and
> Winbind uses the keytab generated by Samba when you "net ads join".
> The end of chapter 21 in the official Samba HOW-TO discusses
> leveraging Winbind for authenticating services other than Samba.
Patches are being proposed on the samba-technical list to allow Samba to
work with and update the system keytab.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040501/b818ad33/attachment.bin
More information about the samba
mailing list