[Samba] storing public-key in AD

Stefan Kania stefan at kania-online.de
Mon May 9 19:56:00 UTC 2022

Hi Rowland

Am 09.05.22 um 20:23 schrieb Rowland Penny via samba:
> On Mon, 2022-05-09 at 20:10 +0200, Stefan Kania via samba wrote:
>> 	Error verifying signature: parse error
>> --------------ms000904050908020602030103
>> Content-Type: text/plain; charset=UTF-8
>> Content-Transfer-Encoding: 7bit
>> Hi to all,
>> with OpenLDAP there is an ObjectClass to store public-keys.
>> http://pig.made-it.com/ldap-openssh.html
>> These public-keys can then be used together with ssh using the
>> parameter
>> "AuthorizedKeysCommand" in sshd_conf. Is there a schema or
>> ObjectClass
>> for Samba AD to store publickeys in AD or do I have to write my own
>> attribute? All I found was a way to add an own Attribute to AD:
>> https://blog.laslabs.com/2016/08/storing-ssh-keys-in-active-directory/
> Yes you can extend the schema, but why bother, just use kerberos.
Most of the time using Kerberso is fine, but for some hosts I need
public-key authetnication.
> If you really want to extend the schema, I have an ldif somewhere.
If you find one thart would ben nice, so I don't have to fiddle around ;-)

> Rowland

More information about the samba mailing list