On Tue, 2006-08-08 at 15:54 +1000, adrian sender wrote:> Hello Lads,
>
> I am not a programmer in any shape or form, so bare with me.
>
> Windows AD can support biometric devices, such as fingerprint logins, it
> actually stores the fingerprint in the database.
>
> Will it be possible to store this information in a Samba4 AD enviroment?
Who knows? I'll work on smart-cards first, as I have one of those (and
my group at RedHat is really keen on them :-), but if we ever get
information on how the login is communicated to the KDC, then it may
well be made to work.
This is all by the power of Kerberos. Only the first 'get TGT' step
needs to be modified, rather than the whole system.
If the fingerprint isn't stored in AD, but compared locally to something
on a smartcard, which then unlocks a PKINIT certificate, then perhaps it
will 'just work' once I get smartcards in. Who knows?
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :
http://lists.samba.org/archive/samba/attachments/20060810/82e76a59/attachment.bin