[Samba] how 2003 domain can force samba to use ADS mode
pablo at compugenic.com
pablo at compugenic.com
Sun Nov 23 20:48:04 GMT 2008
I've inherited someone else's 2003 domain. Upon trying to join a new
samba server to the domain using 'security = domain' mode, I realized
the 2003 DC's were not having it.
I setup a krb.conf file, added my 'realm = ' line to smb.conf, and
changed 'security = domain' to 'security = ads'. I was then able to
join the 2003 domain using 'net ads join ...'.
My question is where & how is the 2003 domain forcing the use of
kerberos authentication to join a domain? I've looked thru all the
GPO's and googled this, but am still at a loss.
I mainly want to know now for educational purposes. It's not urgent, as
samba is working fine in ADS mode. But this will drive me nuts until I
figure out how it's doing this.
TIA for your help.
--
Pablo
More information about the samba
mailing list