svn commit: samba r19630 -
in branches/SAMBA_4_0/source/lib/cmdline: .
Stefan (metze) Metzmacher
metze at samba.org
Wed Nov 8 21:01:27 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Rafal Szczesniak schrieb:
> On Wed, Nov 08, 2006 at 11:01:55AM +1100, Andrew Bartlett wrote:
>> On Tue, 2006-11-07 at 23:48 +0000, mimir at samba.org wrote:
>>> Author: mimir
>>> Date: 2006-11-07 23:48:02 +0000 (Tue, 07 Nov 2006)
>>> New Revision: 19630
>>> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19630
>>> Support specifying the realm name from command line.
>>> Useful when testing calls against windows servers with krb auth.
>> I'm quite happy with --realm, but I don't think taking 'r' is a good
>> idea. Lets just use long options.
>> For authentication, you can also do username at realm in the -U argument.
> Oh, good to know - I didn't remember that. Indeed '-r' is a bit too
> recursive option :)
> On the other hand, setting the realm eitherway doesn't completely help
> because kerberos still complains:
> Server is not registered with our KDC: Miscellaneous failure (see
> text): Server (krbtgt/MIDNET.NET at TRITONNET.NET) unknown
> This sounds complicated as my natural reaction would be - "let's join the
> domain then" - but we don't support it yet. Any other interpretation
> or hint ?
I also found this, the problem is that the
smb_krb5_context->krb5_context that is used in gensec_gssapi.c is
pointless as the the gssapi functions use the global _gsskrb5_context.
but we call krb5_set_default_realm() on the smb_krb5_context->krb5_context.
I think we need to cleanup a lot of stuff in that area:-(
and we also need to provide callbacks for resolving the kdc address
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the samba-technical