Samba 3.0alpha21, Windows XP SP1 and Kerberos authentication

Antti Tikkanen antti.tikkanen at hut.fi
Tue Feb 4 09:39:52 GMT 2003


On Fri, 31 Jan 2003, P Ranjit Kumar wrote:

> I have been having this problem for a long time now. I have a few questions
> on how you have configured it.
>
> 1) How did you create the service principal host/machine.domain.com at REALM in
> Windows 2000 KDC?

I created it with OpenLDAP's ldapmodify after I joined the machine to the
domain. An LDIF like this should work:

  dn: CN=machine_name,CN=Computers,DC=win,DC=hut,DC=fi
  changetype: modify
  add: servicePrincipalName
  servicePrincipalName: CIFS/machine.example.com

> 2) Did the setup work with any Windows 2000 clients?

I did not have a chance to test this yet, all our clients are currently
XP. I will do this any day now.

> 3) Do you have any other services, such as telnet etc., that want to use
> Kerberos on your Linux box?

Nope, not at this moment.

I will be doing some comparative traces, as was suggested in another post.
I'll post the results here as well, in case someone is interested.

Regards,
Antti




More information about the samba-technical mailing list