W2K, krb5 and samba-3.0alpha21
Dieter Kluenter
dieter at dkluenter.de
Tue Feb 18 15:55:31 GMT 2003
Hi,
I run a MIT KRB5 KDC and succesfully can authenticate my W2K Clients
and users against the KDC. User- and machine-data are stored in a
OpenLDAP directory server, but no passwords, as I want to make use of
Kerberos. Although I compiled samba-3.0alpha21 --with-krb5 created
a cifs/machine.domain principal and added a realm directive to
smb.conf , samba still does not obtain a ticket and therefore can't
login to my workgroup and my shares. Howe can I make samba MIT KRB5 aware and beeing
able to obtain TGT's ?
Following an excerpt from my krb5kdc log
-.-.-.-..-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.
TGS_REQ (7 etypes {23 -133 -128 3 1 24 -135}) 192.168.100.31(88): ISSUE: authtime 1044633988, etypes {rep=1 tkt=16 ses=1}, dieter at AVCI.DE for host/cyan.l4b.de at AVCI.DE
Feb 07 17:06:46 marin krb5kdc[999](info): AS_REQ (7 etypes {23 -133 -128 3 1 24 -135}) 192.168.100.31(88): ISSUE: authtime 1044634006, etypes {rep=3 tkt=16 ses=1}, dieter at AVCI.DE for krbtgt/AVCI.DE at AVCI.DE
-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-.-
host/cyan.l4b.de is my W2K workstation.
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter at schevolution.com
http://www.schevolution.com/tour
More information about the samba-technical
mailing list