On Wed, 2007-04-04 at 15:18 +0200, Jörg Herzinger wrote: > > The other option is the smbk5pwd module for openldap, and setting 'ldap > > password sync = yes'. I've not used it > myself, but I'm told it works. > > Hmm, thanks, but this module is just a dirty trick in my eyes and it > works just for Heimdal Kerberos but I use MIT-Kerberos. I almost can't > believe that samba supports no other way of authenticating local users > than its own database.
Like Kerberos, Samba needs the password-equivilant values, or some other process that will perform the same calculations on them (like a DC for a member server). There isn't any way around that. Interestingly Heimdal 0.8 includes code to do this in the KDC (we don't have a client for this yet, but it is a very interesting move). Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Samba Developer, Red Hat Inc. http://redhat.com
signature.asc
Description: This is a digitally signed message part
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba