Oi,
Simple bind method: Create a user, add the credentials to the root only
readable file nslcd.conf. Done
Kerberos: Create user, add a SPN, extract keytab, edit nslcd.conf (ok.
This is all done only once.). But then, if I understand it right, I need
something that renews the kerberos ticket from time to time.
So currently I don't see what are the advantages of Kerberos and in
which way it should be easier or anything else. :-)
If you're happy with plain text passwords being passed over the network
then use them. There may be some admins that will not be able to do that
though, so. . .
If this were the only kerberos advantage, we'd all be using LDAP with
TLS to secure passwords on the wire.
[]s, Fernando Lozano
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
