svn commit: samba r19630 - in branches/SAMBA_4_0/source/lib/cmdline: .

Stefan (metze) Metzmacher metze at samba.org
Wed Nov 8 21:01:27 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rafal Szczesniak schrieb:
> On Wed, Nov 08, 2006 at 11:01:55AM +1100, Andrew Bartlett wrote:
>> On Tue, 2006-11-07 at 23:48 +0000, mimir at samba.org wrote:
>>> Author: mimir
>>> Date: 2006-11-07 23:48:02 +0000 (Tue, 07 Nov 2006)
>>> New Revision: 19630
>>>
>>> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19630
>>>
>>> Log:
>>> Support specifying the realm name from command line.
>>> Useful when testing calls against windows servers with krb auth.
>> I'm quite happy with --realm, but I don't think taking 'r' is a good
>> idea.  Lets just use long options.  
>>
>> For authentication, you can also do username at realm in the -U argument.
> 
> Oh, good to know - I didn't remember that. Indeed '-r' is a bit too
> recursive option :)
> 
> On the other hand, setting the realm eitherway doesn't completely help
> because kerberos still complains:
> 
> Server is not registered with our KDC:  Miscellaneous failure (see
> text): Server (krbtgt/MIDNET.NET at TRITONNET.NET) unknown
> 
> This sounds complicated as my natural reaction would be - "let's join the
> domain then" - but we don't support it yet. Any other interpretation
> or hint ?

I also found this, the problem is that the
smb_krb5_context->krb5_context that is used in gensec_gssapi.c is
pointless as the the gssapi functions use the global _gsskrb5_context.

but we call krb5_set_default_realm() on the smb_krb5_context->krb5_context.

I think we need to cleanup a lot of stuff in that area:-(
and we also need to provide callbacks for resolving the kdc address

metze
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFFUkWnm70gjA5TCD8RAohtAJwLWA2dDeeDgldl62aqmab0zFsehgCgiWP/
p0JXF8B4Cab6URuLfJW297M=
=kVUv
-----END PGP SIGNATURE-----


More information about the samba-technical mailing list