Fergus,
What version of Samba are you using?
With the version 3.0 if you set ?encrypt password = yes? in smb.conf you will
tell it to use Kerberos, but I think that you already do it.
Other parameter is the ?security = ADS? that enable the search in ADS.
On Friday 14 November 2003 04:18, Fergus McKenzie-Kay
wrote:> Hi,
> We have an environment where we use LDAP and Kerberos and we are having
> trouble setting up Samba with both of these.
> We also have a win2k Active Directory server that has all the users
> mapped to our kerberos realm. Unfortunately when we try and configure
> to use the Active Directory server for authentication it tries to use
> the native win2k password and not the kerberos realm mapping.
> I have tried to set the smb.conf to the kerberos realm and the password
> server to the KDC but I get:
> "session setup failed: NT_STATUS_NO_LOGON_SERVERS"
>
> Does anyone have any ideas how to make samba either use active directory
> with the username mappings to kerberos? Or simply use kerberos
> authentication while and LDAP authorisation?
> I believe the first solution would be easier as then AD would look after
> all the details.. whereas when we tried to setup samba talking to
> kerberos and ldap, the ldap config needed changing and samba had to know
> how to create users in kerberos and ldap.
>
> Any ideas would be appreciated.
>
> --
> Fergus McKenzie-Kay <Linux@NerdIT.com>
--
Fernando Fonseca
Network Administrator
Tel: +55(11)4039-9260
Triaton do Brasil