search for: addprinc

...how do you add the principal to the domain? Will adding the missing principal using "samba-tool spn" solve problems like these? According to https://help.ubuntu.com/community/SingleSignOn , you add a host to the kerberos realm by doing these two commands on the kerberos server: kadmin: addprinc -randkey host/client.example.com @ EXAMPLE.COM kadmin: ktadd -k ~/client.keytab host/client.example.com @ EXAMPLE.COM I am guessing that "kadmin: ktadd -k ~/client.keytab host/client.example.com@ EXAMPLE.COM" is the equivalent of "samba-tool domain exportkeytab ~/client.keytab --pri...

...need a way to test this portion unless (defined? TESTING) || File.exists?(@keytab_filename) # TODO replace with Kr5Auth when it supports admin actions - puts "Writing keytab file: #{@keytab_filename}" unless defined?(TESTING) - kadmin_local('addprinc -randkey ' + libvirt_princ) - kadmin_local('ktadd -k ' + @keytab_filename + ' ' + libvirt_princ) - kadmin_local('addprinc -randkey ' + qpidd_princ) - kadmin_local('ktadd -k ' + @keytab_filename + ' ' + qpidd_princ) +...

..._realm = krbV.Context().default_realm + +# In the following tuple, [0] is fqdn, [2] is ip address +server_fqdn = socket.gethostbyaddr(socket.gethostname())[0] + +rsyslog_princ = 'rsyslog/' + server_fqdn + '@' + default_realm +outname = '/etc/krb5.keytab' + +kadmin_local('addprinc -randkey ' + rsyslog_princ) +kadmin_local('ktadd -k ' + outname + ' ' + rsyslog_princ) + +os.chmod(outname, 0644) diff --git a/src/host-browser/host-browser.rb b/src/host-browser/host-browser.rb index d77b321..576b0f6 100755 --- a/src/host-browser/host-browser.rb +++ b/src/host-...

...File "/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 117, in run net.export_keytab(keytab=keytab, principal=principal) Removing the realm from the request fails in the same way. If I was using Kerberos without samba, I would just do: kadmin -q "addprinc -randkey GEMSTONE64/bunk.gemtalksystems.com" kadmin -q "xst -norandkey -k my.keytab GEMSTONE64/bunk.gemtalksystems.com" but I know kadmin is a no-no under samba. How can I get a keytab which contains the service principal? Norm Green

Hi list, Is it possible to set up an NFSv4/Kerberos environment on CentOS 5.1? I set up Kerberos and NFS but get several erros "Warning: rpc.gssd appears not to be running. mount.nfs4: Permission denied" Is this an CentOS oder an config problem? Greetings Sebastian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type:

Hi, What is/will be the support for Kerberos TGT tickets in Samba 3.0 ? I am trying to find a way to authenticate users on both Windows and unix stations against the same KDC (MIT) and it would help if Samba was able to grant access based on TGT tickets delivered to the windows client and then deliver accounting information to the stations. I am afraid this follow no standart protocol, but i

...t the clocks on all machines represent the same time (synced using a local NTP server) 3) Created a service principle for nfs.example.net by performing the following commands on the nfs.example.net machine: - (Performed on NFS server) a. kadmin (Logged in as an admin principle) b. addprinc -randkey nfs/nfs.example.net c. ktadd -e des-cbc-crc:normal nfs/nfs.example.net d. quit e. kinit nfs/nfs.example.net -k -t /etc/krb5.keytab f. klist to verify 4) Edited /etc/idmapd.conf with the following changes: - (Performed on NFS server) a. changed Nobody-{...

Hi Is there any way to re-export an nfs mounted directory? I am having three servers runnning on centos4.5 and i am trying to implement nfs share in an below manner [bcoz there is no alternative way for me to setup nfs share] HOST A--->>>EXPORTS /prod/data ------->>>HOST B HOST B ---->>MOUNTED ------>>> /prod/data-----UNDER---/PROD1 [working fine] HOST B