Samba cross-realm trusts with any Kerberos5 implementation - SMB

This is a discussion on Samba cross-realm trusts with any Kerberos5 implementation - SMB ; Does anyone know if the Samba team has any intentions to include the ability to do deal with cross-realm trusts to any kerberos realm (not necessarily AD realms, but also MIT/Heimdal) in the Samba 3.x branch? Or do we have ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Samba cross-realm trusts with any Kerberos5 implementation

  1. Samba cross-realm trusts with any Kerberos5 implementation

    Does anyone know if the Samba team has any intentions to include the
    ability to do deal with cross-realm trusts to any kerberos realm (not
    necessarily AD realms, but also MIT/Heimdal) in the Samba 3.x branch? Or
    do we have to wait until Samba4?

    I'd consider the lack of it as rather severe because there might be
    quite a lot of organizations out there that have already established an
    organizationwide authentication-infrastructure based on MIT or Heimdal
    kerberos and want to be able to use it together with Samba and a local
    AD for authorization...

    Best regards,
    Thomas Schweizer.

  2. Re: Samba cross-realm trusts with any Kerberos5 implementation

    Thomas Schweizer wrote:

    > Does anyone know if the Samba team has any intentions to include the
    > ability to do deal with cross-realm trusts to any kerberos realm (not
    > necessarily AD realms, but also MIT/Heimdal) in the Samba 3.x branch? Or
    > do we have to wait until Samba4?
    >
    > I'd consider the lack of it as rather severe because there might be
    > quite a lot of organizations out there that have already established an
    > organizationwide authentication-infrastructure based on MIT or Heimdal
    > kerberos and want to be able to use it together with Samba and a local
    > AD for authorization...


    If you have an AD, then all you do is place the Samba server in the
    AD's realm and then use cross-realm trust between the MIT/Heimdal
    realm to the AD realm in order contact the Samba server.

    --
    -----------------
    This e-mail account is not read on a regular basis.
    Please send private responses to jaltman at mit dot edu

+ Reply to Thread