thr3ads.net - samba - [Samba] Minimum footprint for authenticating CIFS shares with Kerberos [Jan 2021]

If this information is useful, please help other people find it:
Share via:

Rowland penny

2021-Jan-22 20:43 UTC

[Samba] Minimum footprint for authenticating CIFS shares with Kerberos

On 22/01/2021 20:23, Dorian Taylor (Lists) wrote:> Perhaps the question I should have asked is ?how closely-coupled is using
Kerberos to authenticate to a Samba share to the whole AD ball of wax??, but it
looks like the answer is ?It?s all or nothing, baby.?
>You could consider a Unix domain member instead.

Rowland

Jeremy Allison

2021-Jan-22 20:55 UTC

head link

[Samba] Minimum footprint for authenticating CIFS shares with Kerberos

On Fri, Jan 22, 2021 at 08:43:58PM +0000, Rowland penny via samba
wrote:>On 22/01/2021 20:23, Dorian Taylor (Lists) wrote:
>>Perhaps the question I should have asked is ?how closely-coupled is
using Kerberos to authenticate to a Samba share to the whole AD ball of wax??,
but it looks like the answer is ?It?s all or nothing, baby.?
>>
>You could consider a Unix domain member instead.
Doh ! Yep, what Rowland said (thanks Rowland :-). "Member Server"
is for joining an existing AD-domain, "Unix domain member" is
for using an existing krb5 infrastructure.

samba - Jan 2021 - Minimum footprint for authenticating CIFS shares with Kerberos

[Samba] Minimum footprint for authenticating CIFS shares with Kerberos

[Samba] Minimum footprint for authenticating CIFS shares with Kerberos