-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Thanks Samba Team! I was able to utilize AD kerberos authentication to apache using mod_auth_kerb and samba. The 'net ads keytab create' enabled me to create a machine keytab for the webserver. The 'net ads keytab add' feature enabled me to add an 'HTTP' service principal to this keytab, which shows up in the AD machine object's attributes. I did not have to create a user in AD and map the attributes (as in this doc: http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp), so for all intents and purposes this is a seamless operation. AD single sign on using GSSAPI is working for windows firefox and internet exploiter clients beautifully! I will be writing up a doc on this soon (this weekend) at oslabs.mikro-net.com. Thanks again for the tireless efforts of the Samba Team! -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCodriKgGND9z3oKwRAgQaAJ4jxYwxj1qKxjJAwZGMwKXOEAcSqgCgmcTy e8rGiG2kV6bv1XkMzxNsV78= =VwZI -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
