Re: Concealing user principal names for realm crossover

2015-03-18 Thread Rick van Rein
Hi Greg, Thanks once more for an extensive answer! It really helps that you point out the paths, and even already balance pros and cons. I also don’t know if Kitten will be interested, but we’re willing to help out if this is the case. Since we’re doing this for other credential types, it wou

Q: Samba3-server with security=ADS and NFS4/kerberos userdata and cross realm auth

2015-03-18 Thread Rainer Krienke
Hello everybody, I want to configure a samba3 server that authenticates users via our Windows ADS server (security=ADS) in smb.conf. The whole setup works fine when I use NFS version 3 to mount the user directories from our NFS server. The samba server is joined into our Windows ADS domain "ADS

Re: Concealing user principal names for realm crossover

2015-03-18 Thread Nico Williams
See the IETF ABFAB WG. They have a GSS mechanism that can do what you want. Kerberos can also do what you want (though some KDC-side pieces may need to get written), as follows: a) it has two forms of anonymous principal names (with anon realm and with non-anon realm; you want the latter), b) the

RE: Concealing user principal names for realm crossover

2015-03-18 Thread Nordgren, Bryce L -FS
> RedHat's FreeIPA may provide some similar functionality, but I'm not familiar with it. Ditto Samba.

If I'm not mistaken, FreeIPA 4.1+ should have the ability to overwrite or add user attributes locally (including "username", uidNumber, group membership). However, it can only do trusts with