[Samba] Restricting to a subset of the domain controllers on a
site
McCall, Don (GSE-WTEC-Alpharetta)
don.mccall at hp.com
Wed May 30 21:11:58 GMT 2007
Hi Jerry,
I have a question about the 'private' krb4.conf file that gets generated
for this case. Ran into a problem with this where the log file showed
that we were sending only enctypes 5 and 16 (I believe I'm remembering
correctly), and these weren't getting decrypted; we needed to specify
default enctypes in the /etc/krb5.conf file to get it working, but had
to drop back to a previous version to do this, because I couldn't find
any way to force the enctypes in the 'private' krb5.conf file that samba
was using, and it got auto regenerated each time we tried the join.
Any way to force enctypes in the autogenerated krb5.conf file that you
know of???
Don
-----Original Message-----
From: Don McCall [mailto:donmccall1 at yahoo.com]
Sent: Wednesday, May 30, 2007 5:08 PM
To: McCall, Don (GSE-WTEC-Alpharetta)
Subject: Fw: [Samba] Restricting to a subset of the domain controllers
on a site
----- Forwarded Message ----
From: Gerald (Jerry) Carter <jerry at samba.org>
To: Wayne Rasmussen <Wayne at gomonarch.com>
Cc: samba at lists.samba.org
Sent: Wednesday, May 30, 2007 2:43:27 PM
Subject: Re: [Samba] Restricting to a subset of the domain controllers
on a site
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Wayne Rasmussen wrote:
> Is there any settings in smb.conf file which are
> required for this?
Nope. Just coded internally to the DC lookup routines
used by smbd and winbindd. Also generates private
krb5.conf files used to enforce server affinity
at the krb5 clientlib layer.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGXcXPIR7qMdg1EfYRAn98AKCXfsKdmJ4FVd1sjXcXfbpDKhIrwgCfarKb
44oHaen3JYAcyll7vn+Tcho=
=0YCi
-----END PGP SIGNATURE-----
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
________________________________________________________________________
____________Be a better Globetrotter. Get better travel answers from
someone who knows. Yahoo! Answers - Check it out.
http://answers.yahoo.com/dir/?link=list&sid=396545469
More information about the samba-technical
mailing list