Web lists-archives.com

Re: [Samba] Samba authentication using non-AD Kerberos?




On Wed, 2017-04-19 at 10:09 -0600, S P Arif Sahari Wibowo via samba
wrote:
> On 2017-04-19, 01:22, Stefan Just via samba wrote:
> > There is a tutorial how to make a Kerberos server to be a 
> > samba server too.
> 
> I don't have option to do changes in the Kerberos server, at 
> least not now. Is that the only way to have samba authenticated 
> from a non-AD Kerberos server to be connectable from MS Windows 
> and macOS clients?

Not windows clients without much pain.  In theory Windows can join a
non-AD KDC, but it is incredibly rarely done.  MacOS should be able to
kinit.

I think you really want to move to Samba as an AD DC.  Everything else
will just be painful in the long run.

I hope this helps,

Andrew Bartlett
-- 
Andrew Bartlett                       http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba