Samba 3.0alpha21, Windows XP SP1 and Kerberos authentication
Ranjit Pedapati
ranjit at hp.com
Tue Feb 4 19:08:49 GMT 2003
Thanks for the reply. I have had problem with using
host/machine.domain.com at REALM principal when I had both Samba and Unix
services use the Windows 2000 KDC.
I will try to modify the principal name and see if it works. I will post my
results in here.
-----Original Message-----
From: samba-technical-bounces+marc_jacobsen=hp.com at lists.samba.org
[mailto:samba-technical-bounces+marc_jacobsen=hp.com at lists.samba.org]On
Behalf Of Antti Tikkanen
Sent: Tuesday, February 04, 2003 1:40 AM
To: samba-technical at lists.samba.org
Subject: RE: Samba 3.0alpha21, Windows XP SP1 and Kerberos
authentication
On Fri, 31 Jan 2003, P Ranjit Kumar wrote:
> I have been having this problem for a long time now. I have a few
questions
> on how you have configured it.
>
> 1) How did you create the service principal host/machine.domain.com at REALM
in
> Windows 2000 KDC?
I created it with OpenLDAP's ldapmodify after I joined the machine to the
domain. An LDIF like this should work:
dn: CN=machine_name,CN=Computers,DC=win,DC=hut,DC=fi
changetype: modify
add: servicePrincipalName
servicePrincipalName: CIFS/machine.example.com
> 2) Did the setup work with any Windows 2000 clients?
I did not have a chance to test this yet, all our clients are currently
XP. I will do this any day now.
> 3) Do you have any other services, such as telnet etc., that want to use
> Kerberos on your Linux box?
Nope, not at this moment.
I will be doing some comparative traces, as was suggested in another post.
I'll post the results here as well, in case someone is interested.
Regards,
Antti
More information about the samba-technical
mailing list