Windows LSA under a non-Windows domain

Max (Weijun) Wang Weijun.Wang at
Mon Oct 26 09:30:15 EDT 2009

Also, Googling "Samba as Windows Domain Controller" shows a lot of  


On Oct 26, 2009, at 7:01 PM, Santiago Rivas wrote:

> Hi everyone,
> I'm setting up Kerberos to work on Windows XP machines managed by a  
> Samba as
> PDC.
> Thanks to your support, I know how to configure the credentials file  
> cache
> on Windows platform. Next step is learn how to use Local Security  
> Authority
> (LSA) in order to obtain TGT automatically from user logon.
> I've read several documents on the web (
> and I get an idea, but still have some questions to ask:
> - Is it required to be under an Active Directory Windows Domain for  
> LSA to
> gather the credentials? I ask it because most of the articles that  
> I've read
> about LSA asume to be on that scenario, nevertheless I'm using  
> openldap and
> Samba (as I mentioned before).
> - If it's possible to use LSA under a non-Windows domain, is there  
> any extra
> configuration needed? (besides the *allowtgtsessionkey* registry  
> change)
> Thanks in advance!
> _______________________________________________
> krbdev mailing list             krbdev at

More information about the krbdev mailing list