RES: [Samba] authentification in ads2003
Gerald (Jerry) Carter
jerry at samba.org
Wed Jun 9 20:02:55 GMT 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Estevam Henrique Carvalho wrote:
| I also have made this configuration working with w2k, the
| problem is related do enc-types used by w2k3. I have seen
| a lot of people complaining about the same issue. Can the samba
| gurus help the community ??? What are the right configuration
| to put a Samba 3.0.x working as a Active Directory 2003
| member and be accessible through \\<samba name>\<share name> ?!
|
| Please Jerry Carter, Andrew Batlett e other, gave us
| some light...
|
...
|>[realms]
|>CAR.BE.TEST.COM = {
|>kdc = car-pdc.car.be.test.com
|>default_domain = car.be.test.com
|>}
|>#[domain_realms]
|>#.kerberos.server=CAR.BE.TEST.COM
|>
|># The following krb5.conf variables are only for MIT Kerberos.
|> default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
|> default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
|> permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
I never set these three options any more. I fact, my entire
krb5.conf consists of:
- --------------------
[libdefaults]
~ dns_fallback = true
- --------------------
It's probably the permitted_enctypes line that is causing
problems.
cheers, jerry
- ----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"...a hundred billion castaways looking for a home." ----------- Sting
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFAx2zvIR7qMdg1EfYRAhWgAKDrDFs/WAqvORDU0uXNWIsc8n42cACgnShz
cJWYHIbZpG8rbUxNiBXKSQI=
=o3ev
-----END PGP SIGNATURE-----
More information about the samba
mailing list