[Samba] samba with NTLM *and* kerberos authentication
Andrew Bartlett
abartlet at samba.org
Mon Aug 8 18:10:43 GMT 2005
On Fri, 2005-08-05 at 16:41 -0400, alex.nishri at utoronto.ca wrote:
> We have an existing samba server with many userids, using NTLM
> authentication (stored in OpenLDAP). We would like to add many other
> userids, which will authenticate against an existing MIT kerberos server.
> Each of our customers will have either an NTLM-based userid/password, or
> a kerberos-based userid/password, but never both.
>
> We would like both kinds of userids to work with the same samba server.
> e.g. in a PC lab, if a customer enters kerberosUserid at REALMNAME.EDU
> it should authenticate against our kerberos server, and allow access
> to that user's Samba space; if another customer enters NTLMUserid,
> it should authenticate using NTLM (stored in our OpenLDAP), and
> allow access to that user's Samba space.
>
> Is this possible ?
This should be possible, if you setup samba into the kerberos realm with
cifs/.... and host/.... entries. Put 'use kerberos keytab = yes' in
your smb.conf, and it should sort of work.
Have a play, see how you go.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc. http://suse.de
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050809/3ea83f7d/attachment.bin
More information about the samba
mailing list