[Samba] Re: Samba integration with nfs4 and kerberos

[rmostert]

The kerberos is used for auth of the nfs4 and not of the samba users.
Thus , I wish samba to kinit for the user logged in to use the nfs4 share.

Is this possible?

Benjamin Coddington wrote:
Since authenticating to samba is frequently done via ntlm, you don't 
have credentials (no password, no keys) to kinit.  If you're willing 
to add additional keytypes, you can use kcrap (www.spock.org/kcrap/) 
to at least authenticate ntlm to samba to kerberos.  This runs an 
additional daemon on your kdc which looks up the equivalent 
arcfour-hmac key.


From there its just an extra step to have the daemon send a TGT, and 
save it in a cache for gssd to find.  I could probably send you a 
patch to do just that -- without any claims of security or completeness.


B




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Samba Nfs4 kerberos intergation

[rmostert]

Hi,
I have two linux machines whom are  currently  linked via nfs3. A 
directory form one machine is mounted on the other, and this directory 
is part of a samba share. This setup works fine, except for the 16 
groups limitation. To overcome this I have upgrades to nfs4, and use 
mit-kerberos.


How can I tell samba to kinit to the current user so that the mounted 
nfs4 share is read with the right permissions?


Thanks alot!
Reino Mostert

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba