0

Now,I already realize that configure Redhat5.5 as PDC(primary domain controller), and the clients(windows xp and windows2003) can join the realm. The realm name of Redhat5.5. is EXAMPLE.COM.

Currently, when the time the client(eg: windows 2003) join the EXAMPLE.COM, from the packet captured by the wireshark, we learn that there is only NTLM packet in the dcerpc protocol, there is no kerberos packet. The conclusion is that the client is not execute kerberos authentication.

Next, I want the execute the kerberos authentication when the client join the PDC, how can I realize it?

The material of keys “kerberos, PDC, samba” is very little of china. Any help would be appreciate sincerely! Thank you very much in advance!

laoyang360
  • 3
  • 5
  • I think this question would be a better fit for http://serverfault.com/ – Ian McLaird Nov 11 '13 at 13:48
  • Thank you, I have moved it to serverfault.com. @Ian McLaird – laoyang360 Nov 12 '13 at 03:54
  • Samba in RHEL5.5 does not support functioning as Active Directory domain controller. Thus, you will not be able to join Windows 2003 clients to it using Kerberos. – abbra Nov 12 '13 at 22:07
  • Thank you.I have reconfigured my samba and kerberos refer to http://wiki.samba.org/index.php/Samba_AD_DC_HOWTO. Now, The windows client(window2003) can execute the kerberos authentication when it joined the samba PDC. But, It occurs the "STATUS_USER_EXISTS" and “STATUS_ACCESS_DENIED”errors through captured packet by wireshark. I have not find where the problem is? Is reason the Samba in RHEL5.5 does not support functioning as Active Directory domain controller right? I am looking for four hours, but could not find the reason. – laoyang360 Nov 13 '13 at 04:44

0 Answers0