Ryan Dorman wrote: > The instructions here: > > http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4/ > > Have been very helpful to me... obviously they are Linux specific but are a > good jumping off point for Samba/Kerberos > > Watch how the pam files are setup on your distribution/flavor as there could > be other things (like a system-operators file) or some such.
Scott Lowe also has a solaris guide that is pretty useful. Be forewarned -- if you start trying to use service principals, AD doesn't exactly support them. A lot of the recommendations floating around will tell you to create user accounts and us AD's ktpass.exe to map the principal name to that. You can map a principal name to a computer account, but the magic is that you need to ensure that the userprincipalname attribute is mapped to the service you want to kerberize. (Which is what ktpass does, and forgets to tell you .... ) -- -- John E. Jasen ([email protected]) -- No one will sorrow for me when I die, because those who would -- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
