Samba 3.0alpha21, Windows XP SP1 and Kerberos authentication

Ranjit Pedapati ranjit at
Tue Feb 4 19:08:49 GMT 2003

Thanks for the reply. I have had problem with using
host/ at REALM principal when I had both Samba and Unix
services use the Windows 2000 KDC.

I will try to modify the principal name and see if it works. I will post my
results in here.

-----Original Message-----
From: at
[ at]On
Behalf Of Antti Tikkanen
Sent: Tuesday, February 04, 2003 1:40 AM
To: samba-technical at
Subject: RE: Samba 3.0alpha21, Windows XP SP1 and Kerberos

On Fri, 31 Jan 2003, P Ranjit Kumar wrote:

> I have been having this problem for a long time now. I have a few
> on how you have configured it.
> 1) How did you create the service principal host/ at REALM
> Windows 2000 KDC?

I created it with OpenLDAP's ldapmodify after I joined the machine to the
domain. An LDIF like this should work:

  dn: CN=machine_name,CN=Computers,DC=win,DC=hut,DC=fi
  changetype: modify
  add: servicePrincipalName
  servicePrincipalName: CIFS/

> 2) Did the setup work with any Windows 2000 clients?

I did not have a chance to test this yet, all our clients are currently
XP. I will do this any day now.

> 3) Do you have any other services, such as telnet etc., that want to use
> Kerberos on your Linux box?

Nope, not at this moment.

I will be doing some comparative traces, as was suggested in another post.
I'll post the results here as well, in case someone is interested.


More information about the samba-technical mailing list