On Sat, 2004-07-31 at 05:52, Sensei wrote:
Hi. As I said... I will bother you. :)
I'm wondering if it's possible to make samba as a primary domain
controller without having samba passwords, but instead using my two KDCs
(MIT K5).
Is it possible? What should I use in my smb.conf? The wonderful and less
painful thing is samba authenticating via pam... but I don't know how...
the documentation is quite misty.
A PDC requires direct access to the passwords - it cannot use a separate
KDC.
However, you can make your KDC and Samba share a password database - the
'lorikeet' extensions to Heimdal (included in Heimdal snaphots) allow a
KDC to run with Samba passwords as the backend.
There is still work to do, but there is a good write up here:
https://sec.miljovern.no/bin/view/Info/HeimdalKerberosSambaAndOpenLdap
Andrew Bartlett
--
Andrew Bartlett [EMAIL PROTECTED]
Authentication Developer, Samba Teamhttp://samba.org
Student Network Administrator, Hawker College [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
