[Samba] Samba - LDAP - Kerberos
Andrew Bartlett
abartlet at samba.org
Thu Apr 5 09:39:21 GMT 2007
On Wed, 2007-04-04 at 15:18 +0200, Jörg Herzinger wrote:
> > The other option is the smbk5pwd module for openldap, and setting 'ldap password sync = yes'. I've not used it > myself, but I'm told it works.
>
> Hmm, thanks, but this module is just a dirty trick in my eyes and it
> works just for Heimdal Kerberos but I use MIT-Kerberos. I almost can't
> believe that samba supports no other way of authenticating local users
> than its own database.
Like Kerberos, Samba needs the password-equivilant values, or some other
process that will perform the same calculations on them (like a DC for a
member server). There isn't any way around that. Interestingly Heimdal
0.8 includes code to do this in the KDC (we don't have a client for this
yet, but it is a very interesting move).
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20070405/3a36ab16/attachment.bin
More information about the samba
mailing list