I've a linux client which I want to get authenticated by win 2000 domain controller.I tried two methods.
1. using kerberos client 2.using samba & winbind
using kerberos client , I ran authconfig on my linux box and selected the option "use kerberos" and gave the address of my server and domain name.Then I tried to get a ticket from the server with the command
"kinit <username>"
It promted for the domain password.The same user was created at the server.The password was accepted.But no other message came on the screen. I tried the command klist to see any tickets are issued. But no tickets were cached. I was not able to log in also. what could've gone wrong?
2. using samba & winbind
I did the following changes in samba
security = ADS
password encrypt = yes
realm = MYDOMAIN.COM
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
Then I ran authconfig and selected the option "SMB authentication " and gave the details of my server.The I tried to join the domain with the command
net join -w mydomain.com -I <server IP> -U administrator
which prompted for the password
But the message was "Unable to join the Domain mydomain.com"
and there was a message like "INVALID_NT_COMPUTER_NAME "
Another error was
"kerberos kinit password
administrator@MYDOMAIN.COM failed. KDC has no support for encryption type"
should I need to create the machine account in windows or is it created on the fly.
If you have any solution, please help me.
Regards,
Jomy