[Samba] passwd chat for samba->kerberos passwd-sync

Matt Skerritt matt.skerritt at agrav.net
Thu Feb 1 05:57:01 GMT 2007

On 01/02/2007, at 12:23 AM, Torsten Becker wrote:

> Hello!
> I tried to run a samba3 server as pdc for windowsXP clients with  
> ldap backend and kerberos authentication.
> I stuck with these two possibilities:
> 1. Samba is pdc, winxp is domain-member, users are autheticated  
> against smbpasswords within ldapsam.
> If the kerberos password of the korresponding principal has the  
> same password, the users get a ticket from the kdc after windows  
> logon.
> But I have two password databases: ldapsam and kerberos

I currently have this setup at my place of work. The only catch is I  
have to use that I have to install the Mit Kerberos for Windows  
release in order to get the kerberos tickets from the KDC at login -  
and not all kerberised windows apps know about the Mit kerberos  
libraries for windows :(  (fortunately the postgres ODBC drivers,  
mozilla firefox and thunderbird, and putty are so aware). Is this  
what you had in mind, or do you actually have a way to convince  
Windows XP itself to get a ticket from the KDC after login to the  
Samba domain? I would be very interested if you did.

Matt Skerritt
matt.skerritt at agrav.net

More information about the samba mailing list