Ideas on the kerberos issues with 3.0.6
Luke Howard
lukeh at PADL.COM
Thu Sep 9 14:22:16 GMT 2004
>In our case, we only check (in the session setup kerberos_verify.c code)
>HOST/w2003final.win2k3.bartlett.house. My vauge understanding of
>kerberos tells me that this will work for the 'unsalted' encryption
>types (type 23) but not for the older, salted types, which would line up
>with the bugs suffered by those with krb5 1.2.
My understanding is that the canonical principal name is (e.g.
W2003FINAL$) is used for salting.
-- Luke
More information about the samba-technical
mailing list