Samba integration / adding more objectClasses - Heimdal Kerberos integration
Ingo Steuwer
steuwer at univention.de
Sun Aug 24 22:06:39 CEST 2008
Am Freitag, 22. August 2008 schrieb digital at usina-de-imagens.com.br:
> Greetings,
>
> > Op Thursday 21 August 2008 08:52:54 schreef Albrecht Dreß:
> > > > I did a little change, in order for everyone who'll use this new
> > > > setup to find it easier to implement.
>
> Maybe now is the right time to also implement Heimdal Kerberos integration,
> adding the Kerberos schema and objects (like krb5PrincipalName).
> That way Samba can act as an AD server and integrate with Kolab.
> I've been suffering with that issue, because the way things are right now,
> I must mantain 2 separate dbs, one for Samba/Kerberos and another one for
> Kolab. I'm not an expert in neither of those subjects, so maybe someone
> more experienced could help figuring things out.
Yust having Samba and Kerberos in Sync (which can be done by implementing
scripts for the several change-hooks samba, kerberos and LDAP offer during
changes with passwords etc.) doesn't replace an AD-server. Samba 3
can't "speak" to windows-clients like AD does, which means that clients in an
samba-domain don't get Kerberos-Tickets.
You'll have to wait for samba4. It will have it's own LDAP-server which makes
an integration with Kolab much more difficult.
Regards
Ingo
--
Ingo Steuwer Projektmanagement steuwer at univention.de
Univention GmbH Linux for your Business fon: +49 421 22 232-43
Mary-Somerville-Str.1 28359 Bremen fax: +49 421 22 232-99
http://www.univention.de
More information about the users
mailing list