Hi Kenneth, On Thu, Jan 02, 2003 at 03:38:47PM -0600, Kenneth Stephen wrote:
> I am trying to understand the state of Samba using Kerberos > authentication. I see from a search on the web that ADS support is now > available in Samba, and presumably this uses an encrypted password > communicated over the network rather than the behaviour that was > previously available via the --with-krb5 flag. If so, would it not be a > matter of implementation (as opposed to it being technically infeasible) > to make sure that --with-krb5 now works with encrypted passwords? Can > someone clue me in as to this please? ADS-style Kerberos support only works when both client and server are Kerberos-aware, so such Kerberos "encrypted passwords" support would be limited to Win2K and WinXP clients. This is a question of technical feasibility, not of implementation. It appears that the --with-krb5 option is currently used in connection with exactly this feature, and that the previous plaintext Kerberos support has been dropped in 3.0. -- Steve Langasek postmodern programmer
msg05169/pgp00000.pgp
Description: PGP signature