-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jay Ted wrote:
| After setting up winbindd, krb5 and pam, I can log
| into my linux server and be authenticated against the AD.
| When I am logged into the linux server should I have any
| tickets shown with klist? I can manually runkpass after login
| but I would like this to be automated, wasn't sure if I should
| be using the pam_krb5 module to take care of creating the ticket
| at login.
pam_winbindd doesn't use krb5 to authenticate requests. So
therefore no tickets. I would recommend pam_krb5 in this
case (there's a creds option to get it to keep your tickets
when you login).
| How do I handle the passwd commands? If a user trys to change
| their password while logged into the linux server are they
| supposed to use the smbpasswd command?
You can use pam_winbind.so or pam_krb5 (though probably the
latter is easier if you are wanting a more krb5 oriented solution).
cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot
(2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFBLfv8IR7qMdg1EfYRAs0zAJ98CgEKol5LD9olGblkS3yBKqzOKACg30sB
fcie94FlRToYnibOPOA0Tx4=aTvH
-----END PGP SIGNATURE-----