[Samba] Kerberos authentication for non-windows KDCs
gerryw at compvia.com
gerryw at compvia.com
Tue Mar 11 21:57:09 GMT 2008
Hi,
I would like to do this also. Having a doc or how-to would be very helpful
indeed ;)
Thanks,
-G
Wes Modes <wmodes at ucsc.edu>
Sent by: samba-bounces+gerryw=compvia.com at lists.samba.org
03/11/2008 03:25 PM
To
samba at lists.samba.org
cc
Subject
Re: [Samba] Kerberos authentication for non-windows KDCs
This is what I'd heard.
Jeremy or others, you don't have any docs or howtos that point to
setting this up do you?
W.
Jeremy Allison wrote:
> On Tue, Mar 11, 2008 at 02:07:47PM -0400, Sean Elble wrote:
>
>> On 3/11/08 1:46 PM, "Wes Modes" <wmodes at ucsc.edu> wrote:
>>
>>
>>> I was told recently that Kerberos authentication won't work against a
>>> non-windows KDC. Is that accurate? So for instance, it is not
possible
>>> for Samba running on say RHEL, to authenticate against a Linux server
>>> running MIT Kerberos?
>>>
>> In general, it is not possible for *Samba* to authenticate against a
MIT
>> Kerberos server. Technically, it's not possible, period, with Samba 3.
With
>> Samba 4, I am less sure, but I would assume you are trying to work with
>> Samba 3.
>>
>
> That's just not true. Many people are successfully using Samba3 to
authenticate
> with tokens from MIT or Heimdal kerberos servers.
>
> The problem is getting the Windows clients to *get* these tickets, not
in
> Samba interpreting them.
>
> Check out the "use kerberos keytab" option in smb.conf for a common use
> of this.
>
> Please don't spread erroneous info on the list.
>
> Thanks,
>
> Jeremy.
>
>
--
Wes Modes
Server Administrator & Programmer Analyst
McHenry Library
Computing & Network Services
Information and Technology Services
459-5208
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list