Hello Volker,
On 2006-08-19 16:25:49 +0200, Volker Lendecke <[EMAIL PROTECTED]> said:
On Sat, Aug 19, 2006 at 09:33:44AM +0200, Matthias Sch=FCndeh=FCtte wrote:
So why does this decryption work if I use the IP-Address of the server=20
or a non-AD DNS-name and fail if I use the WINS- or AD-DNS name?
Your Kerberos setup for some reason is broken. If you use
the IP address or a cname then the client falls back to
ntlmssp.
Aah, I see... thanks for the explanation.
What Unix and Kerberos do you use?
It's FreeBSD 5.5-RELEASE (on my Server) and FreeBSD-6.1-STABLE (on my
Workstation), both with Heimdal-Kerberos.
I must admit that the/my previous version of Samba (3.0.22) was
compiled using MITs Kerberos V 1.5... But 'kinit' worked with Heimdal
as well as 'net ads join' so I thought that was Ok... I prefer Heimdal
because it's part of the base OS.
Matthias
--
Ciao/BSD - Matthias
Matthias Schuendehuette <msch [at] snafu.de>, Berlin (Germany)
PGP-Key at <pgp.mit.edu> and <wwwkeys.de.pgp.net> ID: 0xDDFB0A5F
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
