I really don't think that putting keytab code in to Samba is the right answer. Do you really want to be in charge of modifying keytabs? This could get quite complicate -- especially when you multiply the effort by the number of possible encryption types...
On Friday 21 March 2003 04:14 pm, Luke Howard wrote: > >Yes - I think the benefit (getting real kerberos authentication working > >on unix in ADS) outweighs the 'risk' here. > > > >Now, all somebody needs to do is write up the patch or dig one up that's > >already done... > > Well, we've submitted read-only keytab patches on a few occasions, albeit > as compile-time options. > > Adding support for writing to the keytab and/or runtime support for the > keytab remains to be done... > > -- Luke
