[Samba] RedHat+Samba+Winbind to ADS

Andrew Bartlett abartlet at samba.org
Fri Feb 18 22:28:40 GMT 2005

On Wed, 2005-02-16 at 10:09 -0500, Greg Folkert wrote:
> On Wed, 2005-02-16 at 11:49 +0100, Antón wrote:
> > Hi,
> > 
> > I 've a gateway and I want to use squid authenticated with Windows 2000
> > Active Directory users.
> > 
> > I've a development platform with Debian/Sarge as gateway, and it works.
> > (samba 3.0.10-1 and Kerberos 1.3.6-1)
> > 
> > On the other side the production platform uses RedHat Enterprise AS3,
> > initially with Samba 3.0.6 and Kerberos 1.2.7-28. I was not able to use
> > Active directory groups without get smb panic errors in winbindd, so I
> > update to Samba 3.0.9-1.3E.2 and Kerberos 1.2.7-38 (last available
> > updates).
> You *ABSOLUTELY MUST USE* a version of MIT Kerberos5 v1.3.1 or newer.

Yes and no.  My understanding is that the issues regarding MIT < 1.3.1
have been again resolved, in the latest Samba (including what has been
released for RHEL by RedHat).  Linking to another kerberos
implementation is a real pain (you would need to statically link to even

(Of course, life is much easier with krb5 1.3.1 or later, but I know
what a pain it is for RHEL users)

I think the issue here is that the machine must be rejoined to the
domain, after the upgrade.

Andrew Bartlett

Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20050219/50ced1b2/attachment.bin

More information about the samba mailing list