Hi all,
I currently have a Debian linux system authenticating ssh
logins through pam to our openldap server which then
authenticates against our kdc. The openldap userPassword
attributes are of the form
userPassword: {KERBEROS}userid@MY.REALM
so authentication through openldap gets passed via SASL through
to our kdc.
What I'm trying to do is get samba to authenticate the same
way. When a user attempts to access a share the userid and
pwd entered should authenticate with openldap which then
authenticates with their kerberos principal in the kdc. Is this
possible? I've been able to get samba to authenticate against ldap
when the passwords are stored in ldap (lmPassword, ntpassword) but
I want the authentication to pass through to our kerberos server.
Thanks for any advice.
Keith Lally
lally@bnl.gov