On Sat, 2004-07-31 at 05:52, Sensei wrote: > Hi. As I said... I will bother you. :) > > I'm wondering if it's possible to make samba as a primary domain > controller without having samba passwords, but instead using my two KDCs > (MIT K5). > > Is it possible? What should I use in my smb.conf? The wonderful and less > painful thing is samba authenticating via pam... but I don't know how... > the documentation is quite misty.
A PDC requires direct access to the passwords - it cannot use a separate KDC. However, you can make your KDC and Samba share a password database - the 'lorikeet' extensions to Heimdal (included in Heimdal snaphots) allow a KDC to run with Samba passwords as the backend. There is still work to do, but there is a good write up here: https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
