--===============0765742634==
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature";
boundary="=-e1x95o3vfvcZGsLUKxKP"


--=-e1x95o3vfvcZGsLUKxKP
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Tue, 2006-02-07 at 10:14 +0100, romain BOTTAN wrote:
> Hello everybody,
>=20
> I'll try to find out some info about Samba and a way to put x509=20
> authenticate method but i don't find anything clear about it.


There are not many 'good' options to put x509 certificates into the
Samba authentication space, and if very much depends on the client and
domain environment.

Perhaps you are looking for an AD implementation, with PKINIT on
kerberos? This is the only real solution for windows clients.

If you control the clients (say they run Linux), you could push all CIFS
connections via a SSL tunnel, but Samba wouldn't 'know' about this, so
would not actually authenticate the users as such.

Perhaps you need to explain what you are trying to do a bit more.

Andrew Bartlett

--=20
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net

--=-e1x95o3vfvcZGsLUKxKP
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQBD6nElz4A8Wyi0NrsRAncMAKCeML7gXYmOJHhsSP3/NGByqr/BSgCggZek
rQqoTlpgg+WKO7MyyBtBPPk=
=ABVo
-----END PGP SIGNATURE-----

--=-e1x95o3vfvcZGsLUKxKP--


--===============0765742634==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--===============0765742634==--