Re: [opensuse] what does mean?

Hash: SHA1

On 2012-04-01 09:06, lynn wrote:

Yes we are running AD. Samba4 _is_ AD. The schema includes rfc2703. Our
users have the posixAccount and posixGroup objects which are defined in the
m$ AD schema. (made public via the Samba vs m$ European Court ruling last


Kerberos needs not only to authenticate the user but also the machines on
the lan. When I logon, both I and my computer have to authenticate. If I
request a file then both I and the fileserver have to authenticate. This is
why the dns is crucial with Kerberos.

I see...

I underwent a period of training, mostly with W2K8 R2. These servers had
their corresponding DNS, but not DHCP because you can imagine the havoc 14
DHCP servers can make in the same LAN :-)

But clients did authenticate to the domains.

What I did not make sure is if the DNS could always track the clients. I
think that when someone logged in, the machine was counted in the DNS. This
can not be replicated with bind, AFAIK, and is perhaps the reason that the
samba folks think of another dns daemon.

Nearer to undestanding. Thanks again.
L x

Try to trim your messages, removing the old stuff from previous messages.
Yours are very long and more difficult to read because you don't.
It also needs learning, but please do :-)

- --
Cheers / Saludos,

Carlos E. R.
(from 11.4 x86_64 "Celadon" at Telcontar)
Version: GnuPG v2.0.16 (GNU/Linux)
Comment: Using GnuPG with SUSE -

To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse+owner@xxxxxxxxxxxx