HP CIFS Server 3.0b Administrator's Guide version A.02.01.01

Windows 2000/2003 Domains
Join an HP CIFS Server to a Windows 2000/2003 Domain as an ADS Member Server
Chapter 5104
Join an HP CIFS Server to a Windows
2000/2003 Domain as an ADS Member Server
Step-by-step Procedure
Use the following procedures to join an HP CIFS Server to a Windows
200x domain as an ADS native member server:
NOTE HP CIFS Server only supports the following Kerberos encryption types:
DES-CBC-CRC
•DES-CBC-MD5
You must configure one of these encryption types in the /etc/krb5.conf
file.
Step 1. Verify that LDAP-UX Integration product has been installed on your HP
CIFS Server:
swlist | grep J4269AA
Consult “Installing LDAP-UX Client Services on an HP CIFS Server” on
page 121 in Chapter 6, "LDAP Integration Support" if necessary.
Step 2. On your HP CIFS Server, you need to create the Kerberos configuration
file, /etc/krb5.conf, which specifies the default realm, the location of a
Key Distribution Center (KDC) server and the logging file names. The
Kerberos client depends on the configuration to locate the realm’s KDC.
The following is an example of /etc/krb5.conf which has the realm
MYREALM.XYZ.COM, and machine adsdc.myrealm.xyz.com as a KDC:
# Kerberos Configuration #
# #
# This krb5.conf file is intended as an example only. #
# See krb5.conf(4) for more details. #
#
# Please verify that you have created the directory /var/log.#
# #
# Replace MYREALM.XYZ.COM with your kerberos Realm. #