[cifs-protocol] Clarify reserved bytes that are in fact used in LogonSamLogonEx response
Andrew Bartlett
abartlet at samba.org
Mon Aug 3 01:39:11 MDT 2009
On Fri, 2009-07-31 at 00:30 +0000, Hongwei Sun wrote:
> Andrew,
>
> We are able to set up environment with a W2k8 server joined to Samba domain. I ran the three commands you mentioned in your e-mail.
>
> bin/smbclient //win2008-2/test -Uadministrator%samba2 -d1 -kno
> bin/smbclient //win2008-2/test -Uadministrator%samba2 -d1 -kyes
> bin/smbclient //win2008-2/test -Uadministrator%samba2 -d1 -kyes --option=gensec:spnego=no --option=gensec:gssapi_spnego=yes
>
> I get the same error as you in the first command that is basically
> using NTLM. But I have problem with the next two commands that use
> Kerberos. Please see the errors returned on screen shots.
Any chance you can include these as text next time? (it just makes it
easier to quote etc).
As I see it, you need to put:
[libdefaults]
default_realm = SAMBA4.NET
dns_lookup_realm = true
dns_lookup_kdc = true
into your /etc/krb5.conf
(assuming you can get to samba4.net with DNS, otherwise add a manual KDC
declaration).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/cifs-protocol/attachments/20090803/85c10718/attachment.pgp>
More information about the cifs-protocol
mailing list