samba - Oct 2004 - solved: My 'net ads keytab' can't write to keytab in samba 3.0.6

Hello.

I recompiled from the samba.org 3.0.7 SRPMs and it worked like a charm.  I think
the problem may have been that I was using RHEL3's 3.0.6 samba RPMs which
depended on their own krb5-libs, and I used kerberos rpms that don't use
e2fsprogs's libcom_err.

Anyone privilaged enough to be using RHEL3 to integrate their linux machines
into ADS may want to rebuild anything depending on kerberos, at least if they
followed the same path I did.

Best regards,
Al


> 
> Hello,
> 
> I'm trying to authenticate all our linux machines to our ADS domain. 
As of now, I'm still in the process of setting up all the individual
components before pushing the setup out.  I've made quite a bit of progress,
but I've hit a hitch when trying to add the machine's service principals
(the 'host' primary specifically) to its keytab.
> I've searched, but I haven't seen this particular issue addressed. 
I get the same results when doing 'net ads join' and 'net ads keytab
create/add/flush' (which makes sense because they all end up calling
ads_keytab_add_entry anyway). Here's my output:
>
>   ads_keytab_add_entry: adding entry to keytab failed (Cannot write to
specified key table)
> [2004/10/25 12:56:41, 1]
libads/kerberos_keytab.c:ads_keytab_create_default(418)
>   ads_keytab_create_default: ads_keytab_add_entry failed while adding
'host'.
> [2004/10/25 12:56:41, 1] utils/net_ads.c:net_ads_join(829)
>   Error creating host keytab!
> Joined 'LNX251' to realm 'NA.OURCOMPANY.COM'
> [2004/10/25 12:56:41, 2] utils/net.c:main(792)
>   return code = 0
> 
-- 
___________________________________________________________
Sign-up for Ads Free at Mail.com
http://promo.mail.com/adsfreejump.htm