[Samba] named pipe, dcom and samba4
Denis Cardon
denis.cardon at tranquil-it-systems.fr
Thu May 2 02:47:09 MDT 2013
Hi everyone,
after a classicupgrade from a samba3 domain to a samba4, I have a weird
issue related to DCOM and named pipes.
The switch to samba4 went fine and everything works perfectly except one
old software that uses Windows named pipes and DCOM for client-server
communication.
When trying to access the DCOM server the software fails. The failure
can be easily reproduced with a simple vbscript call.
dim vl
set vl = CreateObject("ManagerMax.clsmanager","magnus")
this call gives me the following windows error code : 80070721
There is a blog post
(http://blogs.msdn.com/b/distributedservices/archive/2009/07/20/activation-of-a-com-component-fails-on-windows-server-2008-with-the-error-80070721.aspx)
suggesting to create SPN for the DCOM services.
However the software maker helpdesk tells me that they have never heard
of service principals and says it should work out of the box.
I asked them to provide me with a setspn -l listing of the principal of
a working configuration, and indeed there is no SPN associated with the
DCOM objects.
So I guess the authentication probably goes through NTMLv2 in a MSAD
environement but seems to require kerberos auth in a Samba4 setup.
Is anyone gone through this kind of issue yet?
Thanks,
Denis
--
Denis Cardon
Tranquil IT Systems
Les Espaces Jules Verne, bâtiment A
12 avenue Jules Verne
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.55
http://www.tranquil-it-systems.fr
More information about the samba
mailing list