[Samba] 2003 KDC and Samba
greg at gregfolkert.net
Thu Jul 29 16:55:01 GMT 2004
On Thu, 2004-07-29 at 10:08, Tran Charles A Civ OC-ALC/ITMA wrote:
> We have serveral RHEL 3.0 Update 2 servers running Samba.
> These have been working flawlessly for several months..
> Recently, the base upgraded all the Windows 2000 servers
> to Windows 2003..
> NOTE: we don't have admin rights to the Domain Controllers.. (wish we did..)
> Previous to the Domain (and kdc) controllers to 2003 we had
> no issues joining a new Samba Sever to the ADS..
> Using the same krb5.conf and kdc.conf and smb.conf file.. it
> is no longer possible to join a Samba 3.0 server to the domain..
> Any help direction is appreciated..
> Samba packages
> Kerberos Packages..
First off, you need to use MIT kerberos v1.3.x, install it (I had to use
source to do this. v1.3.4 works nice. I just left the RHES krb5 stuff
inplace. as then it feels just like it was compiled for it.
I used a fugly configure line, for kerberos. You will prolly have to do
the same for krbafs. I also updated the pam_smb and pam_krb5 packages
from Fedora Core (got the src rpm and did a rpmbuild --rebuild on it)
Your samba should be okay, but given that 3.0.5 was just release last
week Wednesday as a security release... dunno.
I had many little problems at MIT krb5 v1.2.7. Why I went to v1.3.4.
You might also try the "currently broken" option called: spnego = Yes
It may or may not work.
If you want to know the configure options I used... let me know.
greg, greg at gregfolkert.net
The technology that is
Stronger, better, faster: Linux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040729/11266888/attachment.bin
More information about the samba