1
<samba:parameter name="kerberos method" context="G" type="enum"
2
advanced="1" developer="1"
3
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
6
Controls how kerberos tickets are verified.
9
<para>Valid options are:</para>
11
<listitem><para>secrets only - use only the secrets.tdb for
12
ticket verification (default)</para></listitem>
14
<listitem><para>system keytab - use only the system keytab
15
for ticket verification</para></listitem>
17
<listitem><para>dedicated keytab - use a dedicated keytab
18
for ticket verification</para></listitem>
20
<listitem><para>secrets and keytab - use the secrets.tdb
21
first, then the system keytab</para></listitem>
25
The major difference between "system keytab" and "dedicated
26
keytab" is that the latter method relies on kerberos to find the
27
correct keytab entry instead of filtering based on expected
32
When the kerberos method is in "dedicated keytab" mode,
33
<smbconfoption name="dedicated keytab file"/> must be set to
34
specify the location of the keytab file.
37
<related>dedicated keytab file</related>
38
<value type="default">secrets only</value>