Samba-3.0.7-1.3E Active Directory Issues

Luke Howard lukeh at padl.com
Tue Nov 9 23:27:58 GMT 2004


Hi Markus,

>yes correct.  With the MS ktpass it would be:
>ktpass /ou file /desonly /crypto des-cbc-md5 /ptype krb5_nt_srv_hst /mapuser 
>testserver-host$ /princ host/testserver.mycountry.mydomain.com at MYREAL.COM. 
>This will be mapped to a computer account testserver-host with 
>sAMaccountname testserver-host$.

Interesting. I wonder why the domain is present twice. What happens if
you change the dNSHostName value of the principal? Does the latter part
of the salt change too?

I wonder if the salt is:

	REALM | "host" | dNSHostName

or

	REALM | "host" | SAM-Account-Name-No-$ | realm

regards,

-- Luke

--


More information about the samba-technical mailing list