Samba 3.0 won't work with smbclient using Kerberos.
abartlet at pcug.org.au
Fri May 17 02:36:02 GMT 2002
P Ranjit Kumar wrote:
> I am trying to get smbclient to work with Samba 3.0 server. Samba 3.0 server
> joined a Win2k Native domain successfully.
> Interestingly, I made and account on the KDC for the unix machine (using
> ktpass) and specified enc type DES-CBC-MD5, which is used by smbclient. Also
> I checked that the encryption type is MD5 for the TGT.
You must join the domain with 'net join'. Set 'security=ads' in your
Becouse samba must also use legacy RPC protocols for NT4 connections,
and becouse of differences in case sensitivity in the MIT/MS
implementations, Samba does not use a predefined keytab, but stores the
plaintext password, creating the 'keys' in memory.
As such there isn't an /etc/krb5.keytab on a normal samba ADS member.
We need an option 'krb5 keytab write = ' (defaulting to
/etc/krb5.keytab) to allow unix servers compatibilty here, but I havn't
got a chance to writing it yet. (Patches are more than welcome).
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical