I did notice that things seem to work properly in Solaris 10 and figured it must include TCP support. Modifying the user account property to not require kerberos pre-authentication has worked but that has some implications of its own. I will investigate some of the other suggestions though
Bill -----Original Message----- From: Wyllys Ingersoll [mailto:[EMAIL PROTECTED] Sent: Monday, August 29, 2005 10:10 AM To: Smith, William E. (Bill), Jr. Cc: [email protected] Subject: Re: Problems trying to authenticate Unix users via Active Directory Bill Smith wrote: >>From what I've found, it seems to be an issue with the user being in >>too >many AD groups, the Windows KDC wanting to use TCP rather than UDP, and >the MIT version not supporting it. What I'm not certain on is whether >is the version shipped with Solaris 9 is MIT-based or something >proprietary to Solaris. I've found some mention of setting a registry >key on the Windows ] > > The SEAM packages in Solaris are based on MIT, though they are not identical, there are some minor differences. Solaris 9 SEAM does not have TCP support, which is needed to work with Windows 2003 server. There are workarounds, as others have pointed out. > >At this point, we're still having the problem with no resolution. Has >anyone else encountered this issue? If so, is there a patch from SUN >to address it or did you have to do something else? Would appreciate >any insight into this problem > > I'm not sure if we have a patch for Solaris 9, but I do know that Solaris 10 has TCP support and does not suffer the same problems as the Solaris 8 and 9 versions. -Wyllys ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
