On Fri, 2003-04-04 at 08:05, Byars, Jason M wrote:> Hi, I'm stuck in a network enviroment where ADS has taken over and by
> the end of the year the main DC's will only allow kerberos
> authentication. The problem is I have several legacy systems that are
> equipment controllers that can't be upgraded. They are running
> everything from OS/2 to NT4. So I need something for them to
> authenticate against using Lanman/NTLM/etc.
> Would it be possible to configure samba 3 to pretend to be a DC, but
> instead of autheticating against it's own ldap database, make it
> authenticate against the main kerberos DC's? Samba has gotten me out
> of several other situations, but I've never investigated using it this
> way before. Is anyone in a similar situation? Does anyone know if
> this is possible? Thanks
If NT and LM authentication is really shut down (and that is not a usual
configuration), then there isn't anything much you can do.
However, this isn't a usual configuration, even for 'native mode'
DCs.
Andrew Bartlett
--
Andrew Bartlett abartlet@pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet@samba.org
Student Network Administrator, Hawker College abartlet@hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20030404/b42de4a9/attachment.bin