unknown RPC opcodes during join+logon
Luke Howard
lukeh at PADL.COM
Thu Sep 19 20:03:00 GMT 2002
>But here are the results I got with changes to Samba:
> Odd name: <credential><4-byte flags = 0x0007ffff>: Access Denied
> Even name: <credential>,0x6B,0,<flags=0x0007ffff>: Access Denied
> Odd name: <credential><flags = 0x000001ff>:
> Success but "servicePrincipalName" attribute in Active
> Directory disappears
> Even name: <credential>,0x6B,0,<flags=0x000001ff>:
> Success but "servicePrincipalName" attribute in Active
> Directory disappears
I'm ont sure about the 0x6B but I would think that servicePrincipalName
disappearing would have something to do with Active Directory presuming
that downlevel clients (which negotiate 0x1ff) do not support Kerberos,
and thus do not have a servicePrincipalName. You might try using the
altSecurityIdentities attribute instead, eg:
altSecurityIdentities: Kerberos:cifs/foobar.windows2000.spinnakernet.com
-- Luke
--
Luke Howard | PADL Software Pty Ltd | www.padl.com
More information about the samba-technical
mailing list