On Tue, 2003-03-25 at 22:55, Luke Howard wrote: > > >I agree that if Samba is changing the password for a particular kerberos > >principal, then it should store the hashes in the keytab. > > > >The idea of *finally* getting kerberos useful on real sites is just too > >appealing :-) > > > >Naturally, the original plaintext password should stay basically where > >it is. > > In that case, perhaps it *is* better just to provide a get/set command line > tool for the secret store rather than trying to hook the keytab into SAMBA > per se.
Well, I think we should provide both, but if Samba just changed the password for a principal, I see no harm in setting the password into the keytab, when selected by the admin. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part