Samba authentication to Kerberos via OpenLDAP, third and last try

Michael Ströder michael at
Tue Apr 8 08:39:58 EDT 2008

Wes Modes wrote:
> Michael Ströder wrote:
>> Maybe you should think about why "creative hacks" are not a good idea 
>> and therefore the experts do not suggest any. Kerberos has a certain 
>> security model. For security reasons the TGT is not something which 
>> should be stored everywhere. I also consider the saslauthd hack with 
>> {SASL}username at MYREALM.EDU to be not acceptable.
> The sactamonious and arrogant attitude of list denizens towards people 
> who do not already know everything there is to know about a subject, do 
> nothing to make the development community more secure or more 
> competent.  In fact, it create a culture of hyper-criticism in which 
> people are afraid to ask perfectly reasonable and important questions.

I whole-heartly agree. But funny that *you* mention that.

Ciao, Michael.

More information about the Kerberos mailing list