Problems trying to authenticate Unix users via Active Directory

Wyllys Ingersoll wyllys.ingersoll at sun.com
Mon Aug 29 10:10:14 EDT 2005


Bill Smith wrote:

>>From what I've found, it seems to be an issue with the user being in too 
>many AD groups, the Windows KDC wanting to use TCP rather than UDP, and the 
>MIT version not supporting it.  What I'm not certain on is whether is the 
>version shipped with Solaris 9 is MIT-based or something proprietary to 
>Solaris.  I've found some mention of setting a registry key on the Windows ]
>  
>

The SEAM packages in Solaris are based on MIT, though they are not 
identical, there are
some minor differences.    Solaris 9 SEAM does not have TCP support, 
which is needed
to work with Windows 2003 server.   There are workarounds, as others 
have pointed out.

>
>At this point, we're still having the problem with no resolution.  Has 
>anyone else encountered this issue?  If so, is there a patch from SUN to 
>address it or did you have to do something else?  Would appreciate any 
>insight into this problem
>  
>

I'm not sure if we have a patch for Solaris 9, but I do know that 
Solaris 10 has TCP support
and does not suffer the same problems as the Solaris 8 and 9 versions.

-Wyllys



More information about the Kerberos mailing list