[Samba] Samba and Heimdal Kerberos V Authentication

Ludek Finstrle ludek.finstrle at pzkagis.cz
Mon Mar 19 06:50:25 GMT 2007

Mon, Dec 11, 2006 at 10:09:48AM +0100, Asier Baranguán napsal(a):
> El Lunes, 11 de Diciembre de 2006 02:46, Matt Skerritt escribió:
> > Like you, I would like to have the setup described below. I believe
> > this setup is possible, and the client and server setup side of it is
> > described at
> >
> > http://sial.org/howto/kerberos/windows/
> >
> > (which was also linked earlier in this thread). I am yet to set samba
> > up to do kerberos authentication as described, but I did successfully
> > join a Windows XP client to my MIT KDC as described.
> Then you can join Windows XP to MIT KDC, but not to a Samba PDC. Ooops, that's 
> a big problem because a Samba PDC is... emmm... a PDC :-)
> > The biggest  problem that I've found so far is that as soon as you
> > join your windows clients to the non-windows kerberos KDC, then that
> > client is no longer in a domain, and all users and groups have to be
> > local to the machine. 
> Uhhh... the drawbacks are big... I can't even /test/ this kind of setup: I 
> can't deal without login scripts, domain users, domain groups and so on.

Have you ever heard about pgina? Maybe it's your way.

I know I'm little bit late but ...



More information about the samba mailing list