[BBLISA] Single sign-on help requested
Sean OMeara
someara at gmail.com
Thu Aug 23 10:02:28 EDT 2007
While this is correct it doesnt really help him in his situation...
He's trying to create one realm that windows and unix co-exist in peacfully =)
Also, its not possible to authentication samba against anything else
but an AD (using tickets, not falling back on NTLM) and because of the
way samba works, you can't have a machine thats on an MIT realm and
have only the samba daemon bound to the windows realm, you'll end up
dragging the whole machine with it.
-s
On 8/23/07, Mark Manley <mwmanley at gmail.com> wrote:
> That's not completely true. He can set up cross-realm authentication in
> Kerberos to have AD accept the TGTs and vice-versa. This way, people can
> use their Unix credentials to access AD resources. There is plenty of
> documentation on the Microsoft site and on the Internet about setting it up.
>
>
More information about the bblisa
mailing list