On Thu, 2005-05-26 at 10:05 +0200, David Komanek wrote: > Hi all, > > this is probably VFAQ, but I never found a working solution. I have a > standalone samba server running samba ver. 3. In the network, we have > heimdal kerberos used to authenticate users for pop3,imap,web-based > applications etc. Now I would like to make the samba communicating with > kerberos kdc so there will no longer be users in smbpasswd with separate > passwords outside of kerberos. > > I already compiled samba with --with-krb5 configure switch and have > following options in smb.conf: > > client use spnego = yes > realm = KERBEROS.REALM.NAME > use kerberos keytab = yes
It is naturally up to you to get the clients to talk kerberos, but for the server side, try the attached patch, create and export a [EMAIL PROTECTED] host/[EMAIL PROTECTED] and cifs/[EMAIL PROTECTED] principal to your keytab. It is expected this patch will be included in the next version of Samba. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
