[Samba] Samba File Server - AD-MIT KDC Trust

Aaron Rosenblum arosenbl at mac.com
Thu Mar 11 22:07:48 GMT 2004


I have a large client who has an MIT Kerberos realm set up.  According 
to MS guidelines, they have also set up a one way trust between their 
AD domain and their MIT realm so that their users could continue using 
their MIT kerberos login and password to access kerberized services on 
their network.  Essentially, users log into their PCs using their MIT 
names/passwords but can access servers bound to AD or outside AD in the 
MIT kerberos realm.  I want to replace a windows 2000 domain member 
file server with a samba file server for this client.  I have bound the 
samba server to the domain using "net ads join" but it can't seem to 
log into the server from clients.  With the windows server, the clients 
who have logged into their machines with MIT credentials transparently 
get AD credentials and can access their files.  Am I barking up the 
wrong tree here?  Is this supposed to work in Samba 3?  If so, can 
anyone give me tips?



More information about the samba mailing list