-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Wes Modes,
Look this howto about Kerberized OpenLDAP, Samba PDC and Squid: http://eduardosachs.org/mediawiki/index.php?title=Heimdal_Kerberos_%2B_Samba_PDC_%2B_OpenLDAP_%2B_Squid_no_Debian_Etch But, it's only portuguese :( []'s Wes Modes escreveu: > First, I'll just say this is a question principally about the arcane > mysteries of Samba to OpenLDAP authentication. > I've had Samba to OpenLDAP authentication running for a while now using > the samba.schema and the ldapsam module. Now I'd like to understand a > bit more about how that works in order to take it a step further and get > openLDAP to bind against a Kerberos database via SASL. > > An aside; Yes, I'd heard that Samba can be configured to authenticate > against Kerberos directly, but for my own reasons, I'd prefer that Samba > talk only to OpenLDAP, and OpenLDAP can do the authentication. I'll > fall back on the Samba to Kerberos direct route if I can't find a way to > do what I want. > > I've noted that the Samba schema and smbldap-tools add to the user > record two Samba specific password fields, sambaNTPassword and > sambaLMPassword. > If I have the ldapsam module specified as the passdb backend in > smb.conf, is OpenLDAP merely storing the samba passwords while Samba > does the password comparisons? Or does OpenLDAP do the authentication > and return a yes or no? > > Is it possible to have Samba defer authentication to OpenLDAP? If so, I > can have OpenLDAP use the {SASL} method to do authentication via kerberos. > > Wes > - -- Eduardo Sachs (51) 9262-3803 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFH0ltmKB6+7l7CbHURAlb9AJ9J8DX8CeV9YLsRbIcCspP2oI3T3ACgqpQ4 KGpIQrpWdxbZaO4TvPXERVA= =6OOw -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba