Oliver Weinmann
2010-Apr-07 09:45 UTC
[Samba] Kerberos method not working like use kerberos keytab?
Hi, I have a couple of old samba 3.0.30 installations. I enabled the "use kerberos keytab" option in the smb.conf file to aquire a tgt automatically when a user logs in. This works fine on 3.0.30 installs. On newer samba versions I recognized that the option has been phased out and replaced by a newer option called "kerberos method" the man page is not really clear about what to choose here so I googled and found the following: For existing installs: "use kerberos keytab = yes" corresponds to secrets and keytab "use kerberos keytab = no" corresponds to secrets only http://www.mail-archive.com/samba-cvs at lists.samba.org/msg55272.html Setting "kerberos method = secrets and keytab" doesn't work for some reason. I have not changed the /etc/security/pam_winbind.conf: [global] # turn on debugging ;debug = no # request a cached login if possible # (needs "winbind offline logon = yes" in smb.conf) cached_login = yes # authenticate using kerberos krb5_auth = yes # when using kerberos, request a "FILE" krb5 credential cache type # (leave empty to just do krb5 authentication but not have a ticket # afterwards) krb5_ccache_type = FILE # make successful authentication dependend on membership of one SID # (can also take a name) ;require_membership_of There is TGT aquired when a user logs in. Am I missing something in my configuration? This is really a cool feature for using NFSv4.