Thanks for the reply. I have had problem with using host/machine.domain.com@REALM principal when I had both Samba and Unix services use the Windows 2000 KDC.
I will try to modify the principal name and see if it works. I will post my results in here. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Antti Tikkanen Sent: Tuesday, February 04, 2003 1:40 AM To: [EMAIL PROTECTED] Subject: RE: Samba 3.0alpha21, Windows XP SP1 and Kerberos authentication On Fri, 31 Jan 2003, P Ranjit Kumar wrote: > I have been having this problem for a long time now. I have a few questions > on how you have configured it. > > 1) How did you create the service principal host/machine.domain.com@REALM in > Windows 2000 KDC? I created it with OpenLDAP's ldapmodify after I joined the machine to the domain. An LDIF like this should work: dn: CN=machine_name,CN=Computers,DC=win,DC=hut,DC=fi changetype: modify add: servicePrincipalName servicePrincipalName: CIFS/machine.example.com > 2) Did the setup work with any Windows 2000 clients? I did not have a chance to test this yet, all our clients are currently XP. I will do this any day now. > 3) Do you have any other services, such as telnet etc., that want to use > Kerberos on your Linux box? Nope, not at this moment. I will be doing some comparative traces, as was suggested in another post. I'll post the results here as well, in case someone is interested. Regards, Antti
