[Samba] Re: Samba integration with nfs4 and kerberos

rmostert rmostert at cs.up.ac.za
Mon Oct 20 22:18:40 GMT 2008


The kerberos is used for auth of the nfs4 and not of the samba users.
Thus , I wish samba to kinit for the user logged in to use the nfs4 share.

Is this possible?

Benjamin Coddington wrote:
> Since authenticating to samba is frequently done via ntlm, you don't 
> have credentials (no password, no keys) to kinit.  If you're willing 
> to add additional keytypes, you can use kcrap (www.spock.org/kcrap/) 
> to at least authenticate ntlm to samba to kerberos.  This runs an 
> additional daemon on your kdc which looks up the equivalent 
> arcfour-hmac key.
>
> From there its just an extra step to have the daemon send a TGT, and 
> save it in a cache for gssd to find.  I could probably send you a 
> patch to do just that -- without any claims of security or completeness.
>
> B
>




More information about the samba mailing list