-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Scott Armstrong wrote:
>> And why can't you use 'kinit -k machine$'? > > I probably could do that but I had been trying to keep > things as close to the way I had been creating machine > principals when using an MIT KDC - host/[EMAIL PROTECTED] > The kinit command I'm using is > kinit -p -k host/[EMAIL PROTECTED] > I also have a weekly cron job to automatically change > the machine trust password since I believe I read in > one of the mailings that it wasn't handled automatically > yet. If the only reason for the UPN is so its more like MIT, then I'm inclined to push back and say just precreate the machine account with a UPN before joining the domain. Or I could add a switch to 'net ads join' that said "create the UPN". I don't really want to make it default behavior. Would that be acceptable? cheers, jerry ===================================================================== Samba ------- http://www.samba.org Centeris ----------- http://www.centeris.com "What man is a man who does not make the world better?" --Balian -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (GNU/Linux) Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org iD8DBQFEtrQNIR7qMdg1EfYRAgieAKDfY/WJd35qexWCErikuJCoQ527+wCgkdHc 1/fWbn44a0JiMsnJnfIXlyc= =tMTf -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba