[23911] in Kerberos
Re: Samba / AD / MIT-KDC
daemon@ATHENA.MIT.EDU (Matt Joyce)
Wed May 18 12:19:47 2005
Message-ID: <428B6AC4.1030500@vtsystems.com>
Date: Wed, 18 May 2005 12:18:12 -0400
From: Matt Joyce <syslists@vtsystems.com>
MIME-Version: 1.0
To: Mark Hendricks <Mark.Hendricks@humboldt.edu>
In-Reply-To: <00f301c5525f$10608960$72919689@ad.humboldt.edu>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
cc: kerberos@mit.edu
Errors-To: kerberos-bounces@mit.edu
I replied to Mark in private suggesting he look at coda or openafs in
place of a samba link to the AD boxes, simply because of the increased
functionality, and the lack of a need for a ldap bridge to ad from
samba. I was wondering if anyone had any preferences concerning coda
and openafs in an environment like his, or any pitfalls they were aware
of. I am curious as to what others have experiences.
I guess this is an RFI of sorts...
-Matt Joyce
Mark Hendricks wrote:
>We have Linux Servers (Red Hat) bound to a Windows 2003 AD.
>
>We are using a cross realm trust (two way transitive trust) and AD account mappings to allow Windows clients to authenticate against an MIT KDC. I know that Samba uses ADS in its configuration to attach as a member server to an Active Directory, but how is samba configured to be a member server in the Windows AD, but use an external MIT KDC.
>
>I have seen many times that it should be possible.... does anyone know how?
>
>Thanks
>
>Mark
>________________________________________________
>Kerberos mailing list Kerberos@mit.edu
>https://mailman.mit.edu/mailman/listinfo/kerberos
>
>
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
