A few more questions and comments... related to this topic
If Kerberos is the back-end to LDAP.. there is no need to synchronize or store a
password in the LDAP tree.. just the principal for the user in the userpassword
attribute: userpassword = {kerberos}name@domain
in the smb.conf file do I
Jonathan Higgins wrote:
A few more questions and comments... related to this topic
If Kerberos is the back-end to LDAP.. there is no need to synchronize or store a
password in the LDAP tree.. just the principal for the user in the userpassword
attribute: userpassword =
Hi, Andrew,
Thank you very much for your answer.
Now our case is as below:
1, our client machine is the windows 2000
2, We want our Kerberos run in the Unix box.
3, We also want the samba as PDC for all windows user and machine.
4, We want integrate the Kerberos Authentication
Here what you could use:
LDAP with Kerberos password backend.
Samba 2.2.6 PDC with LDAP backend.
Windows passwords are stored in LDAP in samba object, not in Kerberos
KDC since they use incompatible encryption methods.
Use Kerberos passwords as primary source and synchronize Windows
passwords
