On Wed, Mar 12, 2008 at 06:38:35PM -0400, Sean P. Elble wrote: > > That said, this is the problem I have run into with my attempt to learn how > to combine Samba, OpenLDAP, and Kerberos. It's not terribly difficult to > integrate the three, but the Holy Grail of using MIT Kerberos (or Kerberos > of any variety, really) on Windows as a member of a Samba domain to > authenticate to a Samba server seems to be something we will only > see with Samba 4. Please correct me if I am wrong in saying that, but that > is how it has appeared to me for quite some time.
No, that's correct. Windows needs the integrated krb5+LDAP+DynDNS+DCE/RPC etc. pretending to be Active Directory before it will use krb5 tickets. ie. Use of krb5 in the client has been deliberately tied to using Microsoft servers (or servers that fool the client well enough that it believes they are Microsoft servers). Jeremy. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
