samba4 success/failure report...all's working despite kerberized ssh

Georg Hopp georg at steffers.org
Tue Feb 18 07:12:07 MST 2014 

I fancy that it might have to be done with the way I added the linux
hosts to the AD.

As I have written I used the Windows Remote Administration Tools to
add them, but I never joined then AFAIK. I would prefer not to install
samba on each linux machine that I want to join to the domain if I
can prevent it.

Here are the directory entries for www, mail, and the windows machine
which is called COYOTE-WIN.

One can see that they differ. The most pculiar thing to me is that they
don't have a servicePrincipalName.



dn: CN=www,CN=Computers,DC=weird-web-workers,DC=org
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
cn: www
instanceType: 4
whenCreated: 20140214092639.0Z
uSNCreated: 3843
name: www
objectGUID:: +8/DVB7LOEGeSvQSBRdedw==
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 515
objectSid:: AQUAAAAAAAUVAAAAzo8nYOqz+xu+M/h4VQQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: WWW$
sAMAccountType: 805306369
objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=weird-web-workers,DC
 =org
isCriticalSystemObject: FALSE
pwdLastSet: 130368436010000000
whenChanged: 20140214092641.0Z
userAccountControl: 4128
uSNChanged: 3845
distinguishedName: CN=www,CN=Computers,DC=weird-web-workers,DC=org

dn: CN=mail,CN=Computers,DC=weird-web-workers,DC=org
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
cn: mail
instanceType: 4
whenCreated: 20140214092622.0Z
uSNCreated: 3840
name: mail
objectGUID:: zK5gdYWn6UqQW9yD3OvbpA==
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
primaryGroupID: 515
objectSid:: AQUAAAAAAAUVAAAAzo8nYOqz+xu+M/h4VAQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: MAIL$
sAMAccountType: 805306369
objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=weird-web-workers,DC
 =org
isCriticalSystemObject: FALSE
pwdLastSet: 130368435840000000
userAccountControl: 4128
whenChanged: 20140214092625.0Z
uSNChanged: 3842
distinguishedName: CN=mail,CN=Computers,DC=weird-web-workers,DC=org

dn: CN=COYOTE-WIN,CN=Computers,DC=weird-web-workers,DC=org
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: user
objectClass: computer
cn: COYOTE-WIN
instanceType: 4
whenCreated: 20140213131646.0Z
uSNCreated: 3781
name: COYOTE-WIN
objectGUID:: p1+m5YbJQ0yj78J9s2XIYA==
userAccountControl: 4096
badPwdCount: 0
codePage: 0
countryCode: 0
badPasswordTime: 0
lastLogoff: 0
lastLogon: 0
pwdLastSet: 130367710060000000
primaryGroupID: 515
objectSid:: AQUAAAAAAAUVAAAAzo8nYOqz+xu+M/h4UQQAAA==
accountExpires: 9223372036854775807
logonCount: 0
sAMAccountName: COYOTE-WIN$
sAMAccountType: 805306369
dNSHostName: COYOTE-WIN.weird-web-workers.org
servicePrincipalName: HOST/COYOTE-WIN.weird-web-workers.org
servicePrincipalName: RestrictedKrbHost/COYOTE-WIN.weird-web-workers.org
servicePrincipalName: HOST/COYOTE-WIN
servicePrincipalName: RestrictedKrbHost/COYOTE-WIN
servicePrincipalName: TERMSRV/COYOTE-WIN.weird-web-workers.org
servicePrincipalName: TERMSRV/COYOTE-WIN
objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=weird-web-workers,DC
 =org
isCriticalSystemObject: FALSE
operatingSystem: Windows 7 Professional
operatingSystemServicePack: Service Pack 1
operatingSystemVersion: 6.1 (7601)
msDS-SupportedEncryptionTypes: 28
whenChanged: 20140218134600.0Z
uSNChanged: 4066
distinguishedName: CN=COYOTE-WIN,CN=Computers,DC=weird-web-workers,DC=org


best regards
  Georg Hopp
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20140218/80334d0d/attachment.pgp>

More information about the samba-technical mailing list