This puts promoted_dc and ad_dc_ntvfs in sync, and avoids an issue in the former
environment where the Heimdal KDC will use the smb.conf from one of the two DCs,
and the MIT KDC will use the smb.conf from the other.
Signed-off-by: Jennifer Sutton <jennifersutton@catalyst.net.nz>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
^samba4.krb5.kdc\ with\ account\ having\ identical\ UPN\ and\ SPN.canon.no-canon.no-enterprise.uc-user.spn.no-canon.no-enterprise.uc-user.spn\(promoted_dc\)
^samba4.krb5.kdc\ with\ account\ having\ identical\ UPN\ and\ SPN.canon.no-canon.no-enterprise.uc-user.upn.no-canon.no-enterprise.uc-user.upn\(promoted_dc\)
^samba4.krb5.kdc\ with\ machine\ account.canon.no-canon.no-enterprise.lc-user.removedollar.no-canon.no-enterprise.lc-user.removedollar\(fl2000dc:local\)
-^samba4.krb5.kdc\ with\ machine\ account.canon.no-canon.no-enterprise.lc-user.removedollar.no-canon.no-enterprise.lc-user.removedollar\(promoted_dc:local\)
^samba4.krb5.kdc\ with\ machine\ account.canon.no-canon.no-enterprise.uc-user.removedollar.no-canon.no-enterprise.uc-user.removedollar\(fl2000dc:local\)
-^samba4.krb5.kdc\ with\ machine\ account.canon.no-canon.no-enterprise.uc-user.removedollar.no-canon.no-enterprise.uc-user.removedollar\(promoted_dc:local\)
ntlm auth = ntlmv2-only
kdc force enable rc4 weak session keys = yes
+ kdc name match implicit dollar without canonicalization = no
[sysvol]
path = $ctx->{statedir}/sysvol
projects / thirdparty / samba.git / commitdiff
