[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: How can i integrate KERBEROS/LDAP for Windows password-hashs ?
>>I haven't tried this, but have you looked at the Kerberos for Windows (KfW)
>>package from MIT?
>That's not what i really want.
>I wanna have LDAP having control over
>UNIX/Windows-passwords. Windows itself won't know anything about KERBEROS.
>It shall work like this.
> Windows/UNIX
> logon/authetification
> | ^
> | |
> |> Samba <-
> | |
> |-> LDAP <------
> | ^
> |> KERBEROS |
> Authentification
I don't think this is possible. The NT domain model (the only PDC mode
supported by Samba) requires the NT hash in order to function. "Domain"
+ Kerberos integration is, AFAIK, a facet of Active Directory Server.
It is entirely possible to operation a Samba Domain with Kerberos
password syncronization, so all services except the domain services can
be kerbized (imap, etc...).