Can anyone tell me if I can configure Samba 3.x to rely only on Kerberos authentication (in an AD domain)? Ideally I'd like to use local UNIX accounts, not winbind, and negate the need for me to add an entry to passdb, then the account must exist in AD and locally on each Samba member server for authentication to work. If there is any info held in passdb, other than the NTLM coded password, which must exist for Samba to work then I'd like to either enter an unusable password or disable NTLM authentication completely. Reason for my second request is if I am forced to have users in passdb I don't want to have to worry about the data being world readable from a security perspective.
Any thoughts much apprectiated, thanks Andy. BBCi at http://www.bbc.co.uk/ This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically stated. If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received. Further communication will signify your consent to this. -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba