Samba 3.0 Alpha22 + AD Domain, RedHat Kerberos Problems
Simo Sorce
simo.sorce at xsec.it
Tue Mar 11 17:40:43 GMT 2003
the fact is that, imho, MS can't (haven't looked too colsely, but I had
to change the password too as tridge howto on ads say).
When you make a server be an ADS it simply makes an upgrade and it does
not have the clear text password to do all the other encryptions.
Simo.
On Tue, 2003-03-11 at 18:06, Herb Lewis wrote:
> We had this same problem at connectathon. All I had to do was Go to
> the ADS machine, login as the user, and change the password. The
> current released version of MIT kerberos worked fine after that. It
> appears that MS does not create all the required encryption types
> for the password until the first change.
>
> Andrew Bartlett wrote:
> >
> >
> > The issue is that the password of the user you are connecting to Samba
> > with does not have the 'upgraded' password types. This occurs if the
> > user hasn't changed their password since the ADS upgrade.
> >
> > The 'best' solution is to get a newer kerberos library, but MIT hasn't
> > released the latest kerberos, so it's up to you to get their snapshots,
> > or a recent heimdal.
> >
> > Andrew Bartlett
> >
--
Simo Sorce - simo.sorce at xsec.it
Xsec s.r.l.
via Durando 10 Ed. G - 20158 - Milano
tel. +39 02 2399 7130 - fax: +39 02 700 442 399
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030311/186a0657/attachment.bin
More information about the samba-technical
mailing list