Joining domains specifying auth realm
Andrew Bartlett
abartlet at samba.org
Thu Mar 6 20:38:19 GMT 2003
On Fri, 2003-03-07 at 03:44, Ken Cross wrote:
> Samba-folk:
>
> I've run into a problem that I'd like to throw open for a general
> solution.
>
> The problem is joining an Active Directory, say AD1.COMPANY.COM, but
> specifying a different authentication realm for the username/password,
> say AD2.COMPANY.COM. For instance, this currently fails:
>
> net ads join AD1 -U username%password
>
> No matter what is specified on the command line or smb.conf (that I've
> found), it always tries to authenticate using
> "username at AD1.COMPANY.COM".
>
> How should we allow an alternate authentication domain be specified?
> Maybe:
>
> net ads join AD1 -U username at AD2.COMPANY.COM%password
>
> or
>
> net ads join AD1 -A AD2.COMPANY.COM -U username%password
>
> Or have I missed something fundamental?
If you kinit first, it should 'just work', but if you want to add the
code so that we can login with -U username at AD2.COMPANY.COM%password then
this would be much appreciated! (To make it easy, just do it for
kerberos logins)
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030307/df509802/attachment.bin
More information about the samba-technical
mailing list