Linux and Windows interoperability problem

akshar kanak akshar.kerberos at
Fri Oct 27 01:20:19 EDT 2006

Dear Team,

I am facing a Kerberos interoperability problem. My setup is as follows:
I have an SMB client on an embedded device, a Windows 2003 Domain
Controller (domain name: TESTDOMAIN) and a Windows XP machine (WINXP)
which has the SMB server or CIFS server. We want to have a Linux KDC which
does the same operation as that of the KDC in the Domain Controller. Can
anybody please give me the following information?

1) When WINXP is added to the Domain Controller (TESTDOMAIN), the service
principal cifs/WINXP@TESTDOMAIN is automatically created and its service
key (the key which should be shared between KDC and server) is stored with
the Domain Controller. Is that right?

2) When anybody logs into the machine WINXP with the Domain Controller
(TESTDOMAIN) as KDC, then WINXP will query this key through LDAP from the
Domain Controller. Am I right?

3) Is it possible to extract this key and store it in a keytab file, so
that I can merge it with the Linux KDC keytab file?

4) I used ktpass.exe to map cifs/WINXP@TESTDOMAIN to a user and generate a
keytab file. This keytab file was merged with the Linux KDC. Then I used
the Linux machine as KDC and WINXP as server (cifs). AS_REQ, AS_REP,
TGS_REQ and TGS_REP were fine, but AP_REQ was rejected by the server
because of an improper key.

Please can anybody help me :((

Thanks and Regards

