Tue Oct 19 08:17:39 EDT 2004

Hi there,

I am currently working in a lab project where I am involved in setting up
and first testing the following infrastructure:

Mac OS X Server 10.3.5 as LDAP and KDC/PDC Server
Novell 6.5 File Server
Mac OS X clients connecting to OS X Server and auth with Kerberos Single
Sign On
Windows XP/2000 clients connecting to OS X Server and auth with Kerberos
Single Sign On

I have already managed to get the KDC up and running and OS X clients to
connect and auth with KDC but I am stuck with the Windows clients since they
won't authenticate directly to a non-Microsoft KDC. I have already read
through Jason Garman's Kerberos book and Gerald Carter's LDAP book but I still
have found no way to let the Windows clients authenticate to the OS X KDC.
Jason talks in his book about setting up a transparent PAM login but does
not further describe that, could anyone explain that a little bit more to

The second point we want to accomplish is that OS X and Windows clients get
their computer account information from LDAP and set up different workgroups
in which the members only have access to their own workgroup's computers. I
have set that up in Workgroup Manager but Windows clients won't listen at
all and just ignore the computer account info, is that not working with the
current release of Samba or does the samba conf file have to be modified? I
have seen that OS X clients can be added to the computer list by browsing
them but Rendezvous will not allow browsing non-Mac clients so I have to add
them manually with their Ethernet MAC address.

Currently all my test computers are configured in a certain TCP/IP scope
with manual IP addresses.

Could you please help me further in getting this test lab set up? I would be
very grateful for that.

Klaus H. Born, MCSE, BS
IGC Portugal

