Authentication through transitive trusts

Andrew Bartlett abartlet at
Sat Jul 19 00:28:34 GMT 2003

On Fri, Jul 18, 2003 at 05:25:26PM -0700, Marc Kaplan wrote:
> > Try doing NLTM authentication against a win2k domain member 
> > in this situation,
> > perhaps they do a slightly different login requires to the 
> > PDC (you might need
> > to disable 'sign or seal' on the win2k cleints to see the 
> > channel straffic.
> But I don't want to do NTLM authentication -- I want to use Kerberos,
> shouldn't this be possible to do here?

Sure - but what we really want is both to 'play nice' with these
users.  I would like to see if win2k manages to acheive that - it
might be easier than fixing up the kerberos case.

Andrew Bartlett

More information about the samba-technical mailing list