Hi, I am having a problem accessing my W2K3 server in a SSO environment, consisting of a Mac OS X 10.3.6 Server and two W2K3 Servers.
SSO wise, everything is supposedly setup correctly; my smb.conf has been edited to contain the following lines required for SSO: Security = ads Encrypt password = yes //samba default Workgroup = FOO Realm = FOO.BAR.COM Use spnego = yes Client use spnego = yes Domain logons = yes Client use ntlmv2 auth = yes ...and evrything works like a charm on the Windows side of the fence.... The majority of out clients run Mac OS X, however, and from these machines I cannot get in contact with the W2K3 servers when using Kerberos. Using Apple's standard setup is no problem... ...I even have SSO for AFP (Apple File Protocol) working with customised Kerberos principals on the W2K3 servers... ...The only bit missing is the re-acceptance of the once granted (Active Directory) Kerberos TGT for SSO use with Mac OS X.... This ticket is encrypted with Arcfour HMAC-MD5 and this seems to be valid enough, since the exact same type of ticket gives us SSO from W2K client -> Mac OS X 10.3.6 server.... Does anyone have a clue as to what might be skewing things up, kerberos-wise? Best regards, S�ren Gr�nning ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] https://mailman.mit.edu/mailman/listinfo/kerberos
