W2K, krb5 and samba-3.0alpha21

Dieter Kluenter dieter at dkluenter.de
Tue Feb 18 15:55:31 GMT 2003

I run a MIT KRB5 KDC and succesfully can authenticate my W2K Clients
and users against the KDC. User- and machine-data are stored in a
OpenLDAP directory server, but no passwords, as I want to make use of
Kerberos. Although I compiled samba-3.0alpha21 --with-krb5 created
a cifs/machine.domain principal and added a realm directive to
smb.conf , samba still does not obtain a ticket and therefore can't
login to my workgroup and my shares. Howe can I make samba MIT KRB5 aware and beeing
able to obtain TGT's ?

Following an excerpt from my krb5kdc log
 TGS_REQ (7 etypes {23 -133 -128 3 1 24 -135}) ISSUE: authtime 1044633988, etypes {rep=1 tkt=16 ses=1}, dieter at AVCI.DE for host/cyan.l4b.de at AVCI.DE
Feb 07 17:06:46 marin krb5kdc[999](info): AS_REQ (7 etypes {23 -133 -128 3 1 24 -135}) ISSUE: authtime 1044634006, etypes {rep=3 tkt=16 ses=1}, dieter at AVCI.DE for krbtgt/AVCI.DE at AVCI.DE

host/cyan.l4b.de is my W2K workstation.

Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter at schevolution.com

More information about the samba-technical mailing list