Samba-3.0.7-1.3E Active Directory Issues
Markus Moeller
huaraz at moeller.plus.com
Tue Nov 9 23:22:15 GMT 2004
Luke,
yes correct. With the MS ktpass it would be:
ktpass /ou file /desonly /crypto des-cbc-md5 /ptype krb5_nt_srv_hst /mapuser
testserver-host$ /princ host/testserver.mycountry.mydomain.com at MYREAL.COM.
This will be mapped to a computer account testserver-host with
sAMaccountname testserver-host$.
Regards
Markus
"Luke Howard" <lukeh at padl.com> wrote in message
news:200411092307.iA9N76OP096401 at au.padl.com...
>
>>I got some details from MS of how the salt has changed for computer
>>accounts
>>in 2003:
>>
>>In 2003 (not sure if it is SP1) computer accounts and only computer
>>accounts
>>take the following salt:
>>
>>1) For a principal host/testserver.mycountry.mydomain.com at MYREALM.COM
>>mapped
>>to testserver-host the salt is:
>>
>>MYREALM.COMhosttestserver-host.myrealm.com
>
> When you say "mapped", do you mean the computer object's SAM account name
> is
> testserver-host$ and it has a servicePrincipalName of
> host/testserver.mycountry.mydomain.com? Or something else?
>
> -- Luke
>
> --
>
More information about the samba-technical
mailing list