samba - Oct 2004 - Kerberos vs NTLM 0.12 in Samba log files...

Hi,

I am trying to make Samba 3.0.7 work with ADS security mode. In the Win2K3
server's Event Viewer, I see the client's logon. In that log entry's
properties, I see that the "logon process" used is Kerberos. However,
in the
Samba log files, the protocol selected is "NTLM 0.12" and I see a lot
of
Samba log entries regarding NTLM authentication, nothing about
"Kerberos" or
"KRB5".

Am I using Kerberos or what?  What log entries should I be looking for in
the Samba log files that would be a clear indication that Kerberos is being
used for the client's logons?

Regards,

Marcello

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Melfi.Marcello@hydro.qc.ca wrote:
| Hi,
|
| I am trying to make Samba 3.0.7 work with ADS security mode.
| In the Win2K3 server's Event Viewer, I see the client's logon.
| In that log entry's properties, I see that the "logon process"
| used is Kerberos. However, in the Samba log files, the protocol
| selected is "NTLM 0.12"

This is the CIFS protocol dialect selected and not
the authentication mechanism used.

| and I see a lot of Samba log entries regarding NTLM
| authentication, nothing about "Kerberos" or
| "KRB5".

Look in a level 10 debug log for the phrase SPNEGO and
the authentication details should be there.

Or you can just use etheereal to look at the traffic.




cheers, jerry
- ---------------------------------------------------------------------
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"If we're adding to the noise, turn off this song"--Switchfoot
(2003)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBfl/YIR7qMdg1EfYRAuM3AJ9zWJPpGjkChul+2D8sB19HegfBwwCg4jfT
kRT9JWDl//VQa4gd9+zAhFQ=CqCf
-----END PGP SIGNATURE-----