On Fri, 2014-09-12 at 22:08 +0200, Lars Hanke wrote:
> Am 12.09.2014 21:14, schrieb steve:
> >
> > DNS? Is the 386 client pointing _only_ at the Samba4 DC?
>
> The 386 client points to the AD DNS.
Does Samba4 DC == AD DNS?
Guessing: You don't want to use any domain services on the 386 client.
Y
> On Fri, 2014-09-12 at 22:08 +0200, Lars Hanke wrote:
>> Am 12.09.2014 21:14, schrieb steve:
>
Solution summary: NTP was not running properly and the Samba4 KDC seems
to be more picky about time than the MIT KDC. After resynchronizing I
get tickets from Samba4.
The rest attached informally to
Hello,
Am I correct that the kfw-4.0 GUI does not support a Canonicalisation option
for the principal name?
I cannot find anything of that nature on
http://web.mit.edu/kerberos/kfw-4.0/kfw-4.0/kfw-4.0-help/index.html
Thanks,
-Rick
Kerberos maili
On Sat, 2014-09-13 at 11:02 +0200, Lars Hanke wrote:
> > On Fri, 2014-09-12 at 22:08 +0200, Lars Hanke wrote:
> >> Am 12.09.2014 21:14, schrieb steve:
> >
>
> Solution summary: NTP was not running properly and the Samba4 KDC seems
> to be more picky about time than the MIT KDC. After resynchroni
Hello,
I am trying to create an enterprise principal with kadmin.local; but I cannot
find what the proper procedure is.
What fails is naively doing
addprinc u...@example.com@EXAMPLE.COM
I do succeed when I instead do
addprinc user\@example@example.com
I did find that the -E
On Sat, 2014-09-13 at 18:52 +0200, Rick van Rein wrote:
> I did find that the -E (MIT) or —enterprise (Heimdal) switch work to
> login to a principal u...@example.com@EXAMPLE.COM; without the flag, I
> need to escape the first @ with a backslash; the Ticket Viewer of Mac
> OS X also needs this back
On Sat, 13 Sep 2014, Rick van Rein wrote:
> Hello,
>
> Am I correct that the kfw-4.0 GUI does not support a Canonicalisation
> option for the principal name?
I'm not sure I understand the question correctly. Are you asking about
RFC 6806 name canonicalization, as used for (e.g.) enterprise princ
