Daniel Lopes de Carvalho
2011-Aug-27 15:10 UTC
[Samba] Windows client authentication in Samba LDAP and MIT Kerberos.
Hello Guys! I have a LDAP/MIT Kerberos (integrated) server and another Samba 3.5.6 server that?s working together. My windows clients (XP and Seven) are joined in to my domain controller by this Samba. All my linux clients are authenticating and getting a credentials ticket from Kerberos and this is working properly. I would like to know how can I do to make my windows clients authenticate through the Samba, but using the Kerberos credentials too, instead of the Samba password saved in the LDAP database and getting the ticket too. Best Regards -- Daniel Lopes de Carvalho
Andrew Bartlett
2011-Aug-28 08:52 UTC
[Samba] Windows client authentication in Samba LDAP and MIT Kerberos.
On Sat, 2011-08-27 at 12:10 -0300, Daniel Lopes de Carvalho wrote:> Hello Guys! > > I have a LDAP/MIT Kerberos (integrated) server and another Samba 3.5.6 > server that?s working together. > > My windows clients (XP and Seven) are joined in to my domain controller by > this Samba. > > All my linux clients are authenticating and getting a credentials ticket > from Kerberos and this is working properly. > > I would like to know how can I do to make my windows clients authenticate > through the Samba, but using the Kerberos credentials too, instead of the > Samba password saved in the LDAP database and getting the ticket too.The only way to do what you want is to use Samba 4.0, which is currently in alpha. Windows domain members will not use Kerberos against anything other than Active Directory. This simple fact is one of the key reasons why we spent so much time and effort on building an AD domain controller. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org