Trust status
Andrew Bartlett
abartlet at samba.org
Thu Dec 4 21:37:34 GMT 2008
On Thu, 2008-12-04 at 16:33 +0100, Stefan (metze) Metzmacher wrote:
> >>>> Can Samba3 trust us? (With the extended dn fixes applied)
> >>> I hope to have this working soon.
> >> Both as workstation and domain trust?
> >
> > Well, my hope is that once the extended DN work is in, then the
> > workstation side might be done. Then we can test over domain trusts and
> > see if we missed anything else.
>
> I managed to setup that a samba3 pdc trusts samba4 dc.
> With todays commits and manually setting
> userPrincipalName: VZ0S3DOM at vz0s4dom.mx.base of the VZ0S3DOM$
> account.
>
> I couldn't find a quick way to fix your kdc to automaticly find the keys
> for the VZ0S3DOM at vz0s4dom.mx.base client principal.
OK, I'll try to look at this next week. It needs to notice that it's a
trusted domain name and redirect into the trusted domain entries (which
as you notice, has a different codepath).
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20081205/a1001cf1/attachment.bin
More information about the samba-technical
mailing list