I have curently configured a linux box to logon against a win2000 ADS with several hosted domains. It works right except for the fact that it only does it if i use the pre-windows2000 logon name (domain\\user_hosting) instead of the win2000 logon name(user@hosting), wich is what i need since there is a large base installed and configured that way! I've tried using the domain and the ADS security models, with and without kerberos as needed and it only works that way, with the pre-windows2000 name only. Thanks in advance! Carlos Ospina
hello, i'd like to ask if this has been reviewed or maybe, luckily for me, there is a patch or something, so i can help and try it.
the problem is that lsa_lookup_name() against 2k (haven't tried 2k3) will not resolve the SID for the user_principal name.
hi, sorry to disturb :) Is there any fix to this in the new versions? Thanks in advance!
update; actually, 2k[3] will resolve the sid for a UPN. You just have to use the full UPN and not just the principal portion of it. $ rpcclient spud -U Administrator -W AD -c \ 'lookupnames gerald.carter@ad.plainjoe.org jerry' gerald.carter@ad.plainjoe.org S-1-5-21-3234968684-14787312-124015166-1828 jerry S-1-5-21-3234968684-14787312-124015166-1828
Fixed for 3.2.0