> >> > I am curious whether it is possible to have Samba authenticate against > >> > Kerberos as a password backend, particularly with the Heimdal > >> > implementation. I really am not much of a Windows guru and try to > >> > avoid the OS as much as possible; but I have gathered that from 2000 > >> > onwards it has supported Kerberos V for authentication. Would this > >> > mean that the winbind backend could be used to talk to the Kerberos > >> > server? > >> > > >> > I really want to avoid having to write any custom scripts or wrappers > >> > to synchronize passwords between Samba and Kerberos. > >> > >> Recommended reading: > >> http://www.pdc.kth.se/heimdal/heimdal.html#Using-LDAP-to-store-the-database > >> > Yes I use it with ~1000 users, and it's working like charm, you just > have to take care of the ACLs of passwords stored on LDAP as stated on > Samba and Heimdal documentations, also if you want nonsasl binds you may > want to set the userPassword attributes to > [EMAIL PROTECTED] I've attached my > /usr/lib/sasl2/slapd.conf, /etc/default/saslauthd (I use debian), and > hdb.schema (I've found it googleing).
Hello, I see no way to authenticate Samba againist Kerberos without AD. As I know samba doesn't use userPassword but it use sambaLMPassword and sambaNTPassword instead (due to different encryption). So what's the difference between storing Kerberos data in LDAP and storing it separately? Am I missing something important? Regards, Luf -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
