Displaying 2 results from an estimated 2 matches for "cofil01".
2012 Jul 09
2
How do I get an ssh client to authenticate with samba4's kerberos GSSAPI?
...-cbc-crc des-cbc-md5
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}
fcc-mit-ticketflags = true
[realms]
MYDOMAIN.NET = {
kdc = cofil01.mydomain.net:88
default_domain = mydomain.net
}
[domain_realm]
.mydomain.net = MYDOMAIN.NET
mydomain.net = MYDOMAIN.NET
[login]
krb4_convert = true
krb4_get_tickets = false
====================================================
The server side krb5.conf contains this:
=...
2012 Jul 12
2
nslcd service - "Client not found in Kerberos database"
Hi,
I am trying to configure the nslcd service on an Ubuntu client for kerberos
authentication against samba4. My /etc/nslcd.conf contains the following:
uid nslcd
gid nslcd
uri ldapi:///cofil01.mydomain.net
base dc=mydomain,dc=net
sasl_mech GSSAPI
krb5_ccname FILE:/tmp/host.tkt
I have added the host principal "host/ubuntu-test.mydomain.net @
MYDOMAIN.NET" to /etc/krb5.keytab on both the samba4 server and the client
by using ktutil. I have confirmed that the principals exist on...