Windows LSA under a non-Windows domain
Santiago Rivas
sanribu at gmail.com
Mon Oct 26 07:01:53 EDT 2009
Hi everyone,
I'm setting up Kerberos to work on Windows XP machines managed by a Samba as
PDC.
Thanks to your support, I know how to configure the credentials file cache
on Windows platform. Next step is learn how to use Local Security Authority
(LSA) in order to obtain TGT automatically from user logon.
I've read several documents on the web (
http://java.sun.com/javase/6/docs/technotes/guides/security/kerberos/jgss-windows.html)
and I get an idea, but still have some questions to ask:
- Is it required to be under an Active Directory Windows Domain for LSA to
gather the credentials? I ask it because most of the articles that I've read
about LSA asume to be on that scenario, nevertheless I'm using openldap and
Samba (as I mentioned before).
- If it's possible to use LSA under a non-Windows domain, is there any extra
configuration needed? (besides the *allowtgtsessionkey* registry change)
Thanks in advance!
More information about the krbdev
mailing list