On Thu, 2004-04-15 at 21:47, Diego Julian Remolina wrote: > If you want to see the order on how to compile them and get them to work > then look at: > > http://www.math.gatech.edu/~dijuremo/ldap/ > > If you have a Native Windows PDC and samba is acting as a secondary then > you can have kerberos authentication against the windows PDC kerberos. > This is done with a cross-realm authentication trick as I was told by > Gerald Carter (one of the developers of samba). > Samba 3 does not support kerberos auths without having a Windows PDC with > Active Directory. If you do not have a native windows pdc then you need > to authenticate against the passwords stored in tdbsam or ldapsam but not > on kerberos.
See, this is the trick I've been talking about. Technially, Samba can use kerberos without a windows DC, but there are some silly, (and some not quite so silly) reasons why that's not an option right now. However, you can add Kerberos to your existing Samba LDAP server. That is, if you run Heimdal 0.6.1 (or better still a snapshot) you can use your sambaNTpassword as the type 23 encryption key, and have linux/unix/OSX clients use kerberos. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
