the fact is that, imho, MS can't (haven't looked too colsely, but I had to change the password too as tridge howto on ads say). When you make a server be an ADS it simply makes an upgrade and it does not have the clear text password to do all the other encryptions.
Simo. On Tue, 2003-03-11 at 18:06, Herb Lewis wrote: > We had this same problem at connectathon. All I had to do was Go to > the ADS machine, login as the user, and change the password. The > current released version of MIT kerberos worked fine after that. It > appears that MS does not create all the required encryption types > for the password until the first change. > > Andrew Bartlett wrote: > > > > > > The issue is that the password of the user you are connecting to Samba > > with does not have the 'upgraded' password types. This occurs if the > > user hasn't changed their password since the ADS upgrade. > > > > The 'best' solution is to get a newer kerberos library, but MIT hasn't > > released the latest kerberos, so it's up to you to get their snapshots, > > or a recent heimdal. > > > > Andrew Bartlett > > -- Simo Sorce - [EMAIL PROTECTED] Xsec s.r.l. via Durando 10 Ed. G - 20158 - Milano tel. +39 02 2399 7130 - fax: +39 02 700 442 399
signature.asc
Description: This is a digitally signed message part