[Samba] Windows 2003 Active Directory Compatibility issue in libads/sasl.c

peter_yen at trendmicro.com peter_yen at trendmicro.com
Wed Aug 18 22:13:43 GMT 2004


Hi All,

I am new to the samba-technical list. I am currently adopting the way Samba does for mutual authentication using Kerberos to MS Active Directory 2003.
Basically, I am using this "static ADS_STATUS  ads_sasl_gssapi_bind (ADS_STRUCT *ads) " in my LDAP client implemented by Netscape Directory SDK.
However, the code works fine with Windows 2000 but fails on 2003. By running the code, I could sucessfully get the TGT and session ticket from
Windows Active Directory KDC with the right enctype. I verified both tickets by checking client's local credential cache using "klist". After tracing down the code,
the code fails on line 000374 ( http://samba.org/doxygen/appliance-head/sasl_8c-source.html) with an error saying "invalid credential". I have tried serveral ways to
work it out but got no luck. I am at the end of the rope. Is there a known issue for compatibility with Windows 2003 and Samba, or am I missing something here?
Any help and insighs are highly apprecited. Many thanks in advance. 
Sincerely,
Peter



TREND MICRO EMAIL NOTICE
The information contained in this email and any attachments is confidential and may be subject to copyright or other intellectual property protection. If you are not the intended recipient, you are not authorized to use or disclose this information, and we request that you notify us by reply mail or telephone and delete the original message from your mail system.


More information about the samba mailing list