Samba PDC/BDC

Ben Scott dragonhawk at gmail.com
Tue Jan 17 11:27:00 EST 2006


On 1/17/06, Paul Lussier <p.lussier at comcast.net> wrote:
>> [3] I expect that would include keeping the NTLM password hashes in
>> LDAP, but I don't really know.
>
> That is correct, which is one of the reasons you can almost
> approximate Kerberos authentication with Samba if you use the Heimdal
> Kerberos implementation.  Heimdal allows you to store the krb5
> passphrases in LDAP, which means Samba can get at them.

  Okay, but what does any of that Heimdal/Kerberos stuff have to do
with authenticating NTLM clients?

  I'm not being sarcastic with that question; I honestly don't
understand how the two relate.  (Most likely because I have little to
no experience with them.  I know the general Kerberos theory of
operation, and I've cookbooked client config's into Linux to support
Samba as an Active Directory member, but I've never setup a server or
anything like that.)

-- Ben "I've got too much crap to learn" Scott



More information about the gnhlug-discuss mailing list