R: [Samba] winbind AD and Kerberos !

Gianluca Culot gianlucaculot at dmsware.com
Mon May 7 07:37:45 GMT 2007

> -----Messaggio originale-----
> Da: samba-bounces+gianlucaculot=dmsware.com at lists.samba.org
> [mailto:samba-bounces+gianlucaculot=dmsware.com at lists.samba.org]Per
> conto di Andreas Ladanyi
> Inviato: lunedì 7 maggio 2007 9.31
> A: samba at lists.samba.org
> Oggetto: [Samba] winbind AD and Kerberos !
> Hi,
> Did i understand it correctly that the difference between
> "security=ADS" and  "security=domain" is ADS will use Kerberos
> and domain will not ?
> I configured my winbind with security=ADS. Could i change this to
> "domain" ? How do you think about the security question ?
> Andy
> _______________________________________________________________
> SMS schreiben mit WEB.DE FreeMail - einfach, schnell und
> kostenguenstig. Jetzt gleich testen! http://f.web.de/?mc=021192
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba

As far as I understand Samba

security=ADS implements ActiveDirectory protocol and is used to auth user
against an AD domain (windows2000, windows2003)

security=domain implements NT style protocol and is used to auth user
against an NT domain (NT4, windows2000 in mixed mode, NOT native)

Both security should work under w2k and w2k3... but why should you use an
old NT style auth protocol ?


More information about the samba mailing list