On Thu, 2005-10-20 at 00:11 +0200, Serassio Guido wrote: > Hi Henrik, > > At 23.00 19/10/2005, Henrik Nordstrom wrote: > >>Downloaded, compiled, and joined to the domain. > > > >Good. > > I have discovered that the machine account in the domain is not > created correctly: the SPNs HOST/machine and HOST/machine.fqdn are > not created. They are needed from the Kerberos KDC for the token distribution. > So I have added manually the SPNs to the machine account.
This was a regression. I've fixed this now. > >>But i like to do some test to verify is the basic membership is > >>working, but .... > >>- many configuration directive in smb.conf are changed > >>- swat doesn't work > >>- I can't find any documentation about Samba 4 smb.conf > > > >You shouldn't need much config at all for just authentication via winbind. > > > >It's probably best tested with ntlm_auth in it's different modes. > > Probably true. But I like to be sure that my Samba 4 interacts > correctly with AD using Kerberos before try SPNEGO authentication. Samba4 should do the same YR -> AF for kerberos, because kerberos is that good :-) Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Samba Developer, SuSE Labs, Novell Inc. http://suse.de Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
