Date: Fri, 28 Mar 2014 16:44:45 -0700 From: Chris Stankevitz <chrisstankevitz@gmail.com> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: Using Kerberos to authenticate users Message-ID: <CAPi0psvpE4MvTSy6f6u5qc3ZCeXcrNB0cj96utLP0uF5Te91dQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
Hello, Please consider this theoretical scenario: 1. I have a FreeBSD running samba to allow people on windows computers to read/write files on the hard drive. 1a. I create several users (and passwords) on the FreeBSD system. 1b. Windows users have to enter a "FreeBSD username" in order to access the share. 1c. Windows users have to enter the corresponding "FreeBSD password" in order to access the share. 1d. File permissions, enforced by the file system, are based on the "FreeBSD username". 2. I have configured kerberos according to handbook section 14.5.4 such that "kinit" can be used to "get a windows domain ticket" for a particular Windows domain user. Question: Is it possible to modify my setup such that: 3. I manually add "FreeBSD usernames" to the system such that each new username is identical to a username on the "windows domain" [A: yes, of course this is possible] 4. Step (1c) is modified such that the user can type his "Windows domain password" in order to access the share. 5. Step (1d) still applies If this is possible, please share with me the keywords and I will be happy to read more about it in the FreeBSD handbook or man pages. Thank you! Chris
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPi0psvpE4MvTSy6f6u5qc3ZCeXcrNB0cj96utLP0uF5Te91dQ>