[OpenAFS] Re: Serving AFS to Windows boxes w/o OpenAFS client
(Samba)?
omalleys@msu.edu
omalleys@msu.edu
Wed, 15 Dec 2010 16:32:56 -0500
Quoting Jeffrey Altman <jaltman@secure-endpoints.com>:
> Its not a question of whether Samba can do it. Its a question of
> whether the SMB clients will delegate credentials and the answer is that
> they do not.
Is this still true? IIRC my initial issue with samba 3.0.x was that
winbind was the one that ended up the kerberos credentials, and it was
inaccessible from smbd.
Samba 4.x dumped winbindd, not that anyone is using samba 4.x in
production, but IIRC a number of things were merged back into samba
3.5.x tree. It -might- be enough to allow you to get the ticket and
set the pag in the smbd daemon. I don't know for sure. I haven't
tested it.