Hello list,
In the release note of Samba 3.0.6 the following parameter is described:
o Maintaining the service principal entry in the system
keytab for integration with other kerberized services.
Please refer to the 'use kerberos keytab' entry in
smb.conf(5). When using the heimdal kerberos libraries,
you must also specify the following in /etc/krb5.conf:
[libdefaults]
default_keytab_name = FILE:/etc/krb5.keytab
I'm trying to do a kinit with the following command:
kinit -k -c /etc/.ldapcache -S ldap/dc.example.com \
host/<host> && chmod a+r /etc/.ldapcache
I get the error that preauthentication failed. Joining a PC to a domain also
works quite
well. And the services are also working fine. I want to use the Machine-Account,
to verfiy
a GSSAPI-Login against an Openldap-Server with the PADL nss_ldap-Gateway and
SASL login.
My Samba-Konfiguration:
[global]
REALM = MY_REALM.NET
security = ads
use kerberos keytab = true
I also inserted the following to my heimdal configuration file:
default_keytab_name = FILE:/etc/krb5.keytab
Can please someone help me, if I'm making a configuration mistake or
something else?
I tested everything on a SuSE-Linux Professional 9.2 with Samba 3.0.9.
Greetings
S.B.
