[Samba] Re: Samba integration with nfs4 and kerberos
rmostert at cs.up.ac.za
Mon Oct 20 22:18:40 GMT 2008
The kerberos is used for auth of the nfs4 and not of the samba users.
Thus , I wish samba to kinit for the user logged in to use the nfs4 share.
Is this possible?
Benjamin Coddington wrote:
> Since authenticating to samba is frequently done via ntlm, you don't
> have credentials (no password, no keys) to kinit. If you're willing
> to add additional keytypes, you can use kcrap (www.spock.org/kcrap/)
> to at least authenticate ntlm to samba to kerberos. This runs an
> additional daemon on your kdc which looks up the equivalent
> arcfour-hmac key.
> From there its just an extra step to have the daemon send a TGT, and
> save it in a cache for gssd to find. I could probably send you a
> patch to do just that -- without any claims of security or completeness.
More information about the samba