[Samba] storing public-key in AD

Rowland Penny rpenny at samba.org
Mon May 9 18:23:33 UTC 2022

On Mon, 2022-05-09 at 20:10 +0200, Stefan Kania via samba wrote:
> 	Error verifying signature: parse error
> --------------ms000904050908020602030103
> Content-Type: text/plain; charset=UTF-8
> Content-Transfer-Encoding: 7bit
> Hi to all,
> with OpenLDAP there is an ObjectClass to store public-keys.
> http://pig.made-it.com/ldap-openssh.html
> These public-keys can then be used together with ssh using the
> parameter
> "AuthorizedKeysCommand" in sshd_conf. Is there a schema or
> ObjectClass
> for Samba AD to store publickeys in AD or do I have to write my own
> attribute? All I found was a way to add an own Attribute to AD:
> https://blog.laslabs.com/2016/08/storing-ssh-keys-in-active-directory/

Yes you can extend the schema, but why bother, just use kerberos.

If you really want to extend the schema, I have an ldif somewhere.


More information about the samba mailing list