Hi,
I'm working in an educational environment so I've some obligations
that complicate my work. For example in all rooms of practical class all
the workstations are in dual boot (Win7 + XUbuntu 14.04). I've tried 2
solutions :
1- Setting the same hostname to both OS, joigning Win7 to AD
and using the created (by joining) keytab on linux side for sssd.
2- Setting different hostname to both OS, joigning Win7 to AD
and joigning linux to AD, using winbind for users and groups.
I've chosen the first one (may be it's not the better choice....),
but actually I'm facing a strange problem... some times my keytab on the
Samba4 server is updated (KVNO incremented) without any human
intervention.... so my sssd on linux side can't speak with the server
anymore....
Is anybody know why a keytab can change internaly ?
Can Win7 change keytab (refresh or modify or anything else) when
any user using it ?
I just want to understand why I have to upload new keytab on linux
side frequently ?
I know this problem isn't really a samba problem, but I hope that
somebody on this list knows this behaviour...
Thanks by advance,
Best regards,
Bruno.
--
Bruno MACADRE
-------------------------------------------------------------------
Ing?nieur Syst?mes et R?seau | Systems and Network Engineer
D?partement Informatique | Department of computer science
Responsable Info SER | SER IT Manager
Universit? de Rouen | University of Rouen
-------------------------------------------------------------------
Coordonn?es / Contact :
Universit? de Rouen
Facult? des Sciences et Techniques - Madrillet
Avenue de l'Universit?
CS 70012
76801 St Etienne du Rouvray CEDEX
FRANCE
T?l : +33 (0)2-32-95-51-86
Mob : +33 (0)6-74-71-45-64
-------------------------------------------------------------------
Hi Bruno, On 09/30/2014 11:12 PM, Bruno MACADR? wrote:> Hi, > > I'm working in an educational environment so I've some obligations > that complicate my work. For example in all rooms of practical class > all the workstations are in dual boot (Win7 + XUbuntu 14.04). I've > tried 2 solutions : > > 1- Setting the same hostname to both OS, joigning Win7 to AD > and using the created (by joining) keytab on linux side for sssd. > > 2- Setting different hostname to both OS, joigning Win7 to AD > and joigning linux to AD, using winbind for users and groups. > > I've chosen the first one (may be it's not the better choice....), > but actually I'm facing a strange problem... some times my keytab on > the Samba4 server is updated (KVNO incremented) without any human > intervention.... so my sssd on linux side can't speak with the server > anymore....Is Samba4 your AD DC ?, if so when you say that the keytab is updated is not really that it's the info stored in the computer object that are changed (and amongst them the kvno).> > Is anybody know why a keytab can change internaly ? > > Can Win7 change keytab (refresh or modify or anything else) when > any user using it ?Windows machine are changing periodically their password, when the password is changed the kvno is also changed.> > I just want to understand why I have to upload new keytab on linux > side frequently ? > > I know this problem isn't really a samba problem, but I hope that > somebody on this list knows this behaviour... >You can create a GPO that will apply only on Computers to disable password change. -- Matthieu Patou Samba Team http://samba.org