Brief answer is "no" for both questions. But this does not mean that such task
is impossible, just that nobody used to pay attention to it cause in theory I
see no reasons why this can not be done.
Trusted authentication has 2 steps. First, client should pass to the server
context of logged in user. Next server determines login name for that context.
If we find in linux (not sure where should they be - in sambe? in pam?) calls
performing same tasks compiling plugin for linux will not be a problem.
List of required API functions FYI is :
AcquireCredentialsHandle, DeleteSecurityContext, FreeCredentialsHandle,
FreeContextBuffer, InitializeSecurityContext, AcceptSecurityContext,
GetTokenInformation, AllocateAndInitializeSid, EqualSid, FreeSid
May be I missed one or two but suppose that's not critical for now.