w2k join/logon

tridge at samba.org tridge at samba.org
Tue Dec 13 10:41:35 GMT 2005


 > I'll keep looking at it, unless Andrew Bartlett works it out first :-)

Looking at it a bit more, it looks like we rely on the client doing a
LDAP modify to add the servicePrincipalName itself. WinXP does this
(after checking if it needed by looking for an existing
servicePrincipalName), so it works fine, but win2000 doesn't do this,
which breaks a kerberos join.

Any comments on where we should add this? The obvious places are in
dsdb/samdb or in the hdb-ldb backend. Do you have a preference?

Cheers, Tridge

More information about the samba-technical mailing list