samba-technical@lists.samba.org
[Top] [All Lists]

RE: Current ideas on kerberos requirements for Samba4

Subject: RE: Current ideas on kerberos requirements for Samba4
From: "Wachdorf, Daniel R"
Date: Mon, 16 May 2005 11:29:31 -0600
I have a question regarding this.  I submitted a bug on this a while back but 
it got closed due to lack of a fix. 

What if you have an environment where SMB clients will be from a kerberos 
realmA will be accessing a SAMBA share using kerberos auth which is a member of 
realmB.  Testing of 3.0 revaled that SAMBA had a problem mapping the principal 
user@realmA into a username.  

Do you think adding a local_name support (much like krb5_aname_to_localname in 
MIT) to translate username kerberos principals of non-local kerberos realms 
into local account names.  

-dan


-----Original Message-----
From: krbdev-bounces@xxxxxxx on behalf of Andrew Bartlett
Sent: Mon 5/16/2005 9:36 AM
To: krbdev@xxxxxxx; heimdal-discuss@xxxxxxx; samba-technical@xxxxxxxxx
Cc: Michelle Escalante
Subject: Current ideas on kerberos requirements for Samba4
 
Just a quick note to let a few more people know that I am putting
together a rough text document describing various things about kerberos.
I'm sure parts are just complete fiction, but I'm still new to many
parts of this game. :-)

The idea is to write down the special things Samba4 will need from
GSSAPI/Kerberos libraries and KDC implementations, however we end up
producing things.

The current version (updated from SVN) is at:
http://samba.org/ftp/unpacked/samba4/source/auth/kerberos/kerberos-
notes.txt

Andrew Bartlett
-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net

<Prev in Thread] Current Thread [Next in Thread>