But *without* putting the OSX server/Windows clients into Active Directory?
I've set up a "krb5.keytab" file on my OSX server box -- set as a
"standalone" server running Samba 3.0.25 -- containing an
"afpserver", a "host" and a "cifs" keytab.
I've got a properly set up "edu.mit.Kerberos" file on the OSX server
and my Mac.
I can get a Kerberos ticket on my mac.
I can connect with pass-through authentication to my server from my
mac via AFP *and* SMB to the server.
But if I install a Kerberos client software (and get a ticket) on my
XP and/or Vista boxes, the only authentication I can do to the server
is through the standard server account login/password.
No "pass-through" authentication -- which is odd as "smb://<server>"
works on the mac (and yes, CIFS isn't the same as Windows, but...)
I keep feeling I'm missing something obvious about this, but I'm
wondering if the *only* way to have this work is to put my server
(and maybe Windows clients?) into AD.
Anybody successfully done this without putting the server into AD?
- Steve
--
Steve Maser (email@hidden) | Thinking is man's only basic virtue,
Desktop Support Manager | from which all the others proceed.
Dept. of Mechanical Engineering | -- Ayn Rand
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Macos-x-server mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/macos-x-server/email@hidden
