change password expired because domain is not found
Lara Adianto
m1r4cle_26 at yahoo.com
Tue Jun 22 07:08:01 EDT 2004
hello everybody,
I've posted this question a few weeks ago, but no one
replied, and *sigh*, I'm stil stucked.
Scenario:
Win2k client authenticates to MIT KDC
Problem:
When the user's password is expired, windows will
prompt user with new password. However, change
password failed because domain MIT.REALM.COM cannot be
found.
>From ethereal, I can see that the win2k client does a
CLDAP request, with filter: (&(DnsDomain =
MIT.REALM.COM)(Host=win2k_machine)(NtVer=\006). Since
this is not successful, it does IPX request and then
NBNS for domain MIT.REALM.COM.
How can I resolve this problem ?
1. Should I setup a MS-CLDAP server on a w2kserver
(which is not my KDC), or can I use openldap with
--enable-cldap (anyone ever tried this ?) ?
2. Is there any better and easier way than setting up
the CLDAP server ? WINS ?
regards,
lara
=====
------------------------------------------------------------------------------------
La vie, voyez-vous, ca n'est jamais si bon ni si mauvais qu'on croit
- Guy de Maupassant -
------------------------------------------------------------------------------------
__________________________________
Do you Yahoo!?
New and Improved Yahoo! Mail - 100MB free storage!
http://promotions.yahoo.com/new_mail
More information about the Kerberos
mailing list