[OpenAFS] Re: Serving AFS to Windows boxes w/o OpenAFS client (Samba)?

omalleys@msu.edu omalleys@msu.edu
Wed, 15 Dec 2010 16:32:56 -0500

Quoting Jeffrey Altman <jaltman@secure-endpoints.com>:

> Its not a question of whether Samba can do it.  Its a question of
> whether the SMB clients will delegate credentials and the answer is that
> they do not.

Is this still true? IIRC my initial issue with samba 3.0.x was that  
winbind was the one that ended up the kerberos credentials, and it was  
inaccessible from smbd.

Samba 4.x dumped winbindd, not that anyone is using samba 4.x in  
production, but IIRC a number of things were merged back into samba  
3.5.x tree. It -might- be enough to allow you to get the ticket and  
set the pag in the smbd daemon. I don't know for sure. I haven't  
tested it.