[email protected]
[Top] [All Lists]

RE: Current ideas on kerberos requirements for Samba4

Subject: RE: Current ideas on kerberos requirements for Samba4
From: "Wachdorf, Daniel R"
Date: Mon, 16 May 2005 11:29:31 -0600
I have a question regarding this.  I submitted a bug on this a while back but 
it got closed due to lack of a fix. 

What if you have an environment where SMB clients will be from a kerberos 
realmA will be accessing a SAMBA share using kerberos auth which is a member of 
realmB.  Testing of 3.0 revaled that SAMBA had a problem mapping the principal 
[email protected] into a username.  

Do you think adding a local_name support (much like krb5_aname_to_localname in 
MIT) to translate username kerberos principals of non-local kerberos realms 
into local account names.  


-----Original Message-----
From: [email protected] on behalf of Andrew Bartlett
Sent: Mon 5/16/2005 9:36 AM
To: [email protected]; [email protected]; [email protected]
Cc: Michelle Escalante
Subject: Current ideas on kerberos requirements for Samba4
Just a quick note to let a few more people know that I am putting
together a rough text document describing various things about kerberos.
I'm sure parts are just complete fiction, but I'm still new to many
parts of this game. :-)

The idea is to write down the special things Samba4 will need from
GSSAPI/Kerberos libraries and KDC implementations, however we end up
producing things.

The current version (updated from SVN) is at:

Andrew Bartlett
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net

<Prev in Thread] Current Thread [Next in Thread>