Manualshelf

HP CIFS Server 3.0g Administrator's Guide verison A.02.03.01

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
71727374757677787980
The possible errors during verification are as follows:
Pre-Authentication Failed means you have typed the password incorrectly.
Clock skew too great means the time on the HP-UX machine is not synchronized
with the Windows domain controller. Execute the date command to reset the date or
set TZ=GMT and try again.
You may see the warning message, kinit: KDC has no support for encryption
type while getting initial credentials. You must change your Administrator
password at least once from the original password that you used for Administrator
when installing your Windows 2000/2003 Domain.
Check the content of the /etc/krb5.conf file for syntax or content errors and ensure
that port :88 has been added to the kdc entry in the [Realms] section.
4. Use the following procedures to configure the HP CIFS Server:
For new installations, you can run /opt/samba/bin/samba_setup and choose ADS
Member Server.
For new installations, finish samba_setup commands and verify the following
smb.conf configuration items. samba_setup will then perform the "net ads join
-U Administrator%password" command to join the ADS domain for you.
[global]
workgroup = MYREALM # Domain Name
realm = MYREALM.XYZ.COM
security = ADS
domain master = no
encrypt passwords = yes
password server = adsdc.myrealm.xyz.com
netbios name = MYSERVER
For existing installations, modify smb.conf configuration items as follows:
[global]
workgroup = MYREALM # Domain Name
realm = MYREALM.XYZ.COM
security = ADS
domain master = no
encrypt passwords = yes
password server = adsdc.myrealm.xyz.com
netbios name = MYSERVER
Then join the ADS domain by manually executing the "net ads join -U
Administrator%password" command.
5. Use the following command to start your HP CIFS Server:
/opt/samba/bin/startsmb
6. Run the following command to verify Kerberos authentication. In the following command,
the -k option is required to force the use of Kerberos security:
smbclient -W <Window Domain> -U <user name in domain>
-k //<HP CIFS Server name>/<share> <password for user>
Joining an HP CIFS Server to a Windows 2000/2003 Domain 79