Rowland Penny
2024-Feb-28 10:01 UTC
[Samba] Samba, Kerberos, Autofs: Shares get disconnected
On Wed, 28 Feb 2024 09:02:20 +0100 "Pluess, Tobias" <tpluess at ieee.org> wrote:> Hallo again, > > I would like to ask if there exists any possibility to have a Samba > mount point with multiuser and with a credentials file or something > similar.Yes, mount them from fstab with the machine ticket. After your last post, I set up a share on one of my DCs, then mounted it with the machines ticket via fstab on another DC (they are the only computers that run 24/7) and 16 days later, the share is still up! Rowland
Pluess, Tobias
2024-Feb-28 10:56 UTC
[Samba] Samba, Kerberos, Autofs: Shares get disconnected
Hi Rowland, I tried that. As follows: [root at machinename mnt]# kinit -k MACHINENAME$ [root at machinename mnt]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: MACHINENAME$@CAMPUS Valid starting Expires Service principal 02/28/2024 11:50:55 02/28/2024 21:50:55 krbtgt/CAMPUS at CAMPUS renew until 02/29/2024 11:50:55 [root at machinename mnt]# mount -t cifs //server/share /mnt/test -osec=krb5,multiuser,username=MACHINENAME$ mount error(13): Permission denied Refer to the mount.cifs(8) manual page (e.g. man mount.cifs) I don't understand this, as with a personal user account it works. Also the machine itself is member of the group which has access to that particular share. Do I need to configure something else? the server is also a SAMBA server. The fun thing is, with Windows it just works absolutely perfectly. With Linux, I can either not mount (as shown above) or, if I can mount (using a Kerberos ticket from a existing user), I get the funny disconnects. (I recently did a test where I logged in, and let in a terminal run "watch -n1 kinit -R" and then this keeps the ticket much longer than just 10 hours, but after one week disconnects nevertheless.) On Wed, Feb 28, 2024 at 11:02?AM Rowland Penny via samba < samba at lists.samba.org> wrote:> On Wed, 28 Feb 2024 09:02:20 +0100 > "Pluess, Tobias" <tpluess at ieee.org> wrote: > > > Hallo again, > > > > I would like to ask if there exists any possibility to have a Samba > > mount point with multiuser and with a credentials file or something > > similar. > > Yes, mount them from fstab with the machine ticket. > > After your last post, I set up a share on one of my DCs, then mounted > it with the machines ticket via fstab on another DC (they are the only > computers that run 24/7) and 16 days later, the share is still up! > > Rowland > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba >