Current ideas on kerberos requirements for Samba4
Wachdorf, Daniel R
drwachd at sandia.gov
Mon May 16 13:29:31 EDT 2005
I have a question regarding this. I submitted a bug on this a while back but it got closed due to lack of a fix.
What if you have an environment where SMB clients will be from a kerberos realmA will be accessing a SAMBA share using kerberos auth which is a member of realmB. Testing of 3.0 revaled that SAMBA had a problem mapping the principal user at realmA into a username.
Do you think adding a local_name support (much like krb5_aname_to_localname in MIT) to translate username kerberos principals of non-local kerberos realms into local account names.
-dan
-----Original Message-----
From: krbdev-bounces at mit.edu on behalf of Andrew Bartlett
Sent: Mon 5/16/2005 9:36 AM
To: krbdev at mit.edu; heimdal-discuss at sics.se; samba-technical at samba.org
Cc: Michelle Escalante
Subject: Current ideas on kerberos requirements for Samba4
Just a quick note to let a few more people know that I am putting
together a rough text document describing various things about kerberos.
I'm sure parts are just complete fiction, but I'm still new to many
parts of this game. :-)
The idea is to write down the special things Samba4 will need from
GSSAPI/Kerberos libraries and KDC implementations, however we end up
producing things.
The current version (updated from SVN) is at:
http://samba.org/ftp/unpacked/samba4/source/auth/kerberos/kerberos-
notes.txt
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
More information about the krbdev
mailing list