Hi Jack,
I've been trying to avoid GSSAPI, because I believe it requires the
machine to be a fully paid-up member of the AD. In my environment
that's very tricky to impossible[1].
Ok, you might also want to try simple authentication or even anonymous
access to AD - that should work, too (and would also be easier to deploy
in your diskless environment) - I just did not cover it in my blog as it
is insecure. The only thing I know that authentication using
SASL/DIGEST-MD5 does not work because of the bug I mentioned.
1. Some of the longer lines in the quoted files appear truncated. They
cut-n-paste fine though.
2. I've found that removing /var/cache/samba/winbind* seems to work
for cache clearing.
3. You probably mean "getent passwd" (instead of "password"), and for
some reason in my case it still doesn't return the AD users (though
wbinfo -u does). The users can still authenticate though.
Thanks for the hints - I have updated the blog (I know it truncates long
lines, unfortunately there is nothing I can do with it).
Cheers,
Ondrej
_______________________________________________
autofs mailing list
[email protected]
http://linux.kernel.org/mailman/listinfo/autofs
