[Samba] Samba + Kerberos ONLY NO AD
Andrew Bartlett
abartlet at samba.org
Thu Mar 13 02:58:31 GMT 2008
On Sun, 2008-03-09 at 23:31 +0530, Sadique Puthen wrote:
> gerryw at compvia.com wrote:
> > Hello All,
> >
> > I am trying to figure out how to configure Samba to use Kerberos for
> > authentication. I have found many how-tos and many posts on integrating
> > Samba with AD. This is not what I need to do. I want to eliminate AD. I
> > have seen several posts by others who want to do the same thing, but they
> > are either answered with something about AD or not at all. Is there a way
> > to make Samba just use plain Kerberos for authentication?
> >
>
> What you mean by plain kerberos for authentication? You can use pam_krb5
> for kerberos authentication and there is no need to use samba in any way
> for this to work. If I have understood ur question wrongly, please
> correct me.
To use pam_krb5 you must be running plaintext passwords over the
network, which as well as being insecure, is also buggy, due to be an
almost completely untested code-path on the clients. Just don't do
it...
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20080313/58526161/attachment.bin
More information about the samba
mailing list