On Wed, 22 Oct 2003, Aaron Rosenblum wrote: > I would be willing to write up docs on this and send them to the > community, should I get it working (with your help)...
Please send me your notes in any form convenient to you. I can convert them to XML and will include them in the HOWTO. Thanks for offering to help. - John T. > > aaron > > On Oct 21, 2003, at 8:07 PM, Aaron Rosenblum wrote: > > > Hi, > > > > I have been reading through the docs for Samba 3, and there is a lot > > of talk about how samba 3 can function in an AD domain as a member > > server and accept kerberos service tickets issued by an MS KDC. (net > > ads join, etc...) > > I have a slightly different twist on a similar situation. I have an > > MIT kerberos realm set up and my Windows2000 PCs get tickets from this > > realm on login just fine. I would like to set up a samba server as > > purely a fileserver, and I want my PC clients to be able to mount > > samba shares using Kerberos service tickets issued by my MIT KDC. I > > know many more people are probably using AD as their KDC, but we want > > to decrease our reliance on AD. (That is the idea, isn't it? :-) ) > > It seems like this should work. Is this possible? If so, how do I > > configure the samba server? What do I tell my Kerberos admin to put > > in the keytab for samba? ie smbserver/[EMAIL PROTECTED] ??? > > > > As an addition, I am fine with managing my users locally on this samba > > server (as opposed to binding to an LDAP server). Our KDC has a large > > number of users in it, and I only want to give access to a very small > > subset of these users. I just want these users to be able to present > > a service ticket from our MIT realm as authentication instead of being > > prompted for a password. > > > > any input would be greatly appreciated.. > > > > thanks > > > > Aaron > > > > -- > > To unsubscribe from this list go to the following URL and read the > > instructions: http://lists.samba.org/mailman/listinfo/samba > > -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba