[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: How can i integrate KERBEROS/LDAP for Windows password-hashs ?

To: Harry Rüter <harry_rueter@gmx.de>
Subject: Re: How can i integrate KERBEROS/LDAP for Windows password-hashs ?
From: Adam Williams <awilliam@whitemice.org>
Date: 14 Apr 2002 19:03:16 -0400
Cc: "OpenLDAP-software@OpenLDAP.org" <OpenLDAP-software@OpenLDAP.org>
In-reply-to: <3CB9853B.535B2A0D@gmx.de>
References: <3CB9463F.B25D99AA@gmx.de> <3CB8DFDA.E5D2B99E@nu.no> <3CB9853B.535B2A0D@gmx.de>

>>I haven't tried this, but have you looked at the Kerberos for Windows (KfW)
>>package from MIT?
>That's not what i really want.
>I wanna have LDAP having control over
>UNIX/Windows-passwords. Windows itself won't know anything about KERBEROS.
>It shall work like this.
> Windows/UNIX 
> logon/authetification
>    |    ^
>    |    |
>    |> Samba <-
>        |     |
>        |-> LDAP  <------
>             |           ^
>             |> KERBEROS |
>                Authentification

I don't think this is possible.  The NT domain model (the only PDC mode
supported by Samba) requires the NT hash in order to function.  "Domain"
+ Kerberos integration is, AFAIK, a facet of Active Directory Server. 
It is entirely possible to operation a Samba Domain with Kerberos
password syncronization,  so all services except the domain services can
be kerbized (imap, etc...).

References:
- How can i integrate KERBEROS/LDAP for Windows password-hashs ?
  - From: Harry Rüter <harry_rueter@gmx.de>
- Re: How can i integrate KERBEROS/LDAP for Windows password-hashs ?
  - From: Tarjei Huse <tarjei@nu.no>
- Re: How can i integrate KERBEROS/LDAP for Windows password-hashs ?
  - From: Harry Rüter <harry_rueter@gmx.de>

Prev by Date: Cannot_bind_to_slapd
Next by Date: Where is info about {KERBEROS} ?
Index(es):
- Chronological
- Thread