[Samba] Kerberos authentication for non-windows KDCs
Jeremy Allison
jra at samba.org
Tue Mar 11 19:20:52 GMT 2008
On Tue, Mar 11, 2008 at 02:07:47PM -0400, Sean Elble wrote:
> On 3/11/08 1:46 PM, "Wes Modes" <wmodes at ucsc.edu> wrote:
>
> > I was told recently that Kerberos authentication won't work against a
> > non-windows KDC. Is that accurate? So for instance, it is not possible
> > for Samba running on say RHEL, to authenticate against a Linux server
> > running MIT Kerberos?
>
> In general, it is not possible for *Samba* to authenticate against a MIT
> Kerberos server. Technically, it's not possible, period, with Samba 3. With
> Samba 4, I am less sure, but I would assume you are trying to work with
> Samba 3.
That's just not true. Many people are successfully using Samba3 to authenticate
with tokens from MIT or Heimdal kerberos servers.
The problem is getting the Windows clients to *get* these tickets, not in
Samba interpreting them.
Check out the "use kerberos keytab" option in smb.conf for a common use
of this.
Please don't spread erroneous info on the list.
Thanks,
Jeremy.
More information about the samba
mailing list