-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I would like to be able to use kerberos for samba authentication from linux and windows, without having to create a domain/ad. From what I've read and seen, native kerberos authentication only works for windows clients inside a active directory context, while pam authentication only works with unencrypted passwords which aren't supported by recent windows versions. Here are the software versions FWIW: Samba: 3.0.21b MIT-krb5: 1.4.3 Linux-PAM: 0.79 Windows XP Pro SP2 Thanks in advance for your help, Chris Dombroski -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.1 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFD/N95nUQ+0UT6+t8RAujIAJ4060z1JjcuvstUiDiJeVsJnJUAPQCbBCGz MfnN5+3NvEMtnZeQsWRMRwg=D1VV -----END PGP SIGNATURE-----
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Chris Dombroski wrote:> I would like to be able to use kerberos for samba authentication from > linux and windows, without having to create a domain/ad. From what I've > read and seen, native kerberos authentication only works for windows > clients inside a active directory context, while pam authentication only > works with unencrypted passwords which aren't supported by recent > windows versions.Andrew Bartlet added code that would all the server to advertise Krb5 support in 'security = user' if the 'use kerberos keytab' option is enabled. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFD/d03IR7qMdg1EfYRAm9RAKDprvCYMb8St/zHpEbXT++8zVFLsgCcC8nM eOrzVOMjq6OayjAtAP4hx0Q=oc+g -----END PGP SIGNATURE-----