[Samba] Kerberos authentication for non-windows KDCs
Wes Modes
wmodes at ucsc.edu
Tue Mar 11 20:25:50 GMT 2008
This is what I'd heard.
Jeremy or others, you don't have any docs or howtos that point to
setting this up do you?
W.
Jeremy Allison wrote:
> On Tue, Mar 11, 2008 at 02:07:47PM -0400, Sean Elble wrote:
>
>> On 3/11/08 1:46 PM, "Wes Modes" <wmodes at ucsc.edu> wrote:
>>
>>
>>> I was told recently that Kerberos authentication won't work against a
>>> non-windows KDC. Is that accurate? So for instance, it is not possible
>>> for Samba running on say RHEL, to authenticate against a Linux server
>>> running MIT Kerberos?
>>>
>> In general, it is not possible for *Samba* to authenticate against a MIT
>> Kerberos server. Technically, it's not possible, period, with Samba 3. With
>> Samba 4, I am less sure, but I would assume you are trying to work with
>> Samba 3.
>>
>
> That's just not true. Many people are successfully using Samba3 to authenticate
> with tokens from MIT or Heimdal kerberos servers.
>
> The problem is getting the Windows clients to *get* these tickets, not in
> Samba interpreting them.
>
> Check out the "use kerberos keytab" option in smb.conf for a common use
> of this.
>
> Please don't spread erroneous info on the list.
>
> Thanks,
>
> Jeremy.
>
>
--
Wes Modes
Server Administrator & Programmer Analyst
McHenry Library
Computing & Network Services
Information and Technology Services
459-5208
More information about the samba
mailing list