If you're getting kinit problems with net ads join (don't bother with testjoin; it will error out no matter what), do the following:

1. Change an administrator's password, especially if you upgraded from NT 4.

2. Create a krb5.conf file in /etc that looks like this:

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
ticket_lifetime = 24000
default_realm = YOURDOMAIN.COM
dns_lookup_realm = true
dns_lookup_kdc = true
default_etypes  = des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5

[realms]

FSKLAW.NET = {
 kdc = kerberos.yourdomain.com
 admin_server = servername.yourdomain.com
 default_domain= yourdomain.com
}

[domain_realm]
.kerberos.server = KERBEROS.FSKLAW.NET

[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf

[pam]
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false



3. Test kinit: kinit [EMAIL PROTECTED], enter new password. You should be at a prompt. You'll get nothing if it's working.

4. Join the domain: net ads --user=someadmin join. Enter password. You should get some message telling you you were successful. Check out the Win2k machine. The Samba name of your Unix box should be in Active Directory Users and Computers, in Computers. Double-click the listing and check the version. It should say the OS is Samba 3.0.x. You're in, mostly, at this point.

Hope this helps, I've been at this three weeks now.

TMS III
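
A small checker for the kind of krb5.conf shown in step 2, added here as an example and not part of the original post: it flags a section header with a missing bracket, a default_realm that has no matching [realms] block, and single-DES enctypes (deprecated for Kerberos by RFC 6649). The function name lint_krb5_conf and the SAMPLE text are constructed for this example.

```python
import re

# Single-DES enctypes, deprecated for Kerberos by RFC 6649.
WEAK_ETYPES = {"des-cbc-crc", "des-cbc-md5", "des-cbc-md4"}

# Constructed sample: a cut-down file with the same shape as the one in the post.
SAMPLE = """\
logging]
default = FILE:/var/log/krb5libs.log
[libdefaults]
default_realm = YOURDOMAIN.COM
default_etypes = des-cbc-crc des-cbc-md5
[realms]
FSKLAW.NET = {
 kdc = kerberos.yourdomain.com
}
"""

def lint_krb5_conf(text):
    """Return (line_number, message) findings for the text of a krb5.conf."""
    findings, section, realms, default_realm, depth = [], None, set(), None, 0
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        key, _, value = (part.strip() for part in line.partition("="))
        if not line or line[0] in "#;":
            continue
        if line == "}":
            depth = max(depth - 1, 0)
        elif re.fullmatch(r"\[\w+\]", line):
            section = line[1:-1]
        elif re.fullmatch(r"\[\w+|\w+\]", line):  # one bracket missing
            section = None
            findings.append((n, f"malformed section header {line!r}"))
        elif value == "{":
            if section == "realms" and depth == 0:
                realms.add(key)  # top-level "REALM = {" opens a realm block
            depth += 1
        elif section == "libdefaults" and key == "default_realm":
            default_realm = (n, value)
        elif key.endswith("etypes"):
            weak = sorted(WEAK_ETYPES & set(value.replace(",", " ").split()))
            if weak:
                findings.append((n, f"{key} allows single-DES: {', '.join(weak)}"))
    if default_realm and default_realm[1] not in realms:
        findings.append((default_realm[0], f"default_realm {default_realm[1]} "
                         f"has no [realms] block (found: {sorted(realms)})"))
    return findings

if __name__ == "__main__":
    for n, msg in lint_krb5_conf(SAMPLE):
        print(f"line {n}: {msg}")
```
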

