Samba PDC and Kerberos

[JDSalchow]

samba 3 is not able to be pdc in an ad(ldap+kerberos) domain. samba 4 
will be able, but it is in an pre alpha phase and a beta release is 
espected for 4q2k5. but you could build a m$ ad pdc and establishing a 
cross domain trust. samba 3 is able to be domain member server in an ad 
domain. i have the same problem in my school, we decided to build a 
samba 3(nt4) pdc with ldap backend, it is not realy good usuable(only 
one person writes in the ldap directory for having consistent data).

mfg JDSalchow

pip_prime at yahoo.com wrote:
> At my new job they are looking to implement a domain
> controller into the environment. In the future they
> were looking to add kerberos, to provide additional
> security and provide a single login on windows and
> unix. In addition they currently have an AFS system(no
> kerberos) in place. They have three offices that are
> connected via T1 vpn tunnels. Each location is on a
> different subnet. The company deals with a lot of
> confidential data and security is of the highest
> importance.
> 
> Now with all that said, I thought that if I'm going to
> create the Samba PDC it would make sense to put the
> kereberos server in now. Is there a way to integrate
> kerberos into a samba PDC where the token gets passed
> to the client?  All the windows clients will be
> Windows 2000 or higher.
> 
> Has anyone tried anything similar? Any suggestions?
> 
> 
> 		
> __________________________________ 
> Do you Yahoo!? 
> Yahoo! Mail - 250MB free storage. Do more. Manage less. 
> http://info.mail.yahoo.com/mail_250
> ________________________________________________
> Kerberos mailing list           Kerberos at mit.edu
> https://mailman.mit.edu/mailman/listinfo/kerberos
>