search for: samba_principal

Am 10.01.19 um 14:09 schrieb Rowland Penny via samba: > You don't ;-) > You do what the script should have done (I feel version 0.8.10 will > soon make an appearance), export the cache to use <export > KRB5CCNAME="/tmp/dhcp-dyndns.cc"> and then use '$KRB5CCNAME' wherever > '/tmp/dhcp-dyndns.cc' appears, except for: > [...] Yes, that worked.

(@Rowland) > Whilst it is quite correct to say that the REALM isn't the same as a > DNS domain, there is a correlation between them. The REALM must be the > DNS domain in uppercase, so this: > > SAMBA_PRINCIPAL=dehydrated-service at YOUR.DOMAIN No, you can have your.primayDNSdomain.tld and have REALM = SOMEREALM.TLD Its not obligated to have REALM the same as the DnsDomain. Its also not obligated to have the realm uppercased, but in my opinion, that should be obligated because programs expect often REAL...

...> > > (@Rowland) > > > > > Whilst it is quite correct to say that the REALM isn't > the same as a > > > DNS domain, there is a correlation between them. The REALM must be > > > the DNS domain in uppercase, so this: > > > > > > SAMBA_PRINCIPAL=dehydrated-service at YOUR.DOMAIN > > > > No, you can have your.primayDNSdomain.tld and have REALM = > > SOMEREALM.TLD Its not obligated to have REALM the same as the > > DnsDomain. > > We are talking a Samba AD DC here and this means the realm must be the > same...

...REALM. ( 2 > different things here dont mix them. ) > > YOUR.REALM is not the same as primary.dnsdomain.tld. Whilst it is quite correct to say that the REALM isn't the same as a DNS domain, there is a correlation between them. The REALM must be the DNS domain in uppercase, so this: SAMBA_PRINCIPAL=dehydrated-service at YOUR.DOMAIN Could also be written as this: SAMBA_PRINCIPAL=dehydrated-service@"$(echo "$(hostname -d)" | tr '[:lower:]' '[:upper:]')" > REALM domain = PRIMARY.DNSDOMAIN.TLD or better translated as : > YOUR.REALM ( to keep some co...

...imary.dnsdomain.tld. REALM domain = PRIMARY.DNSDOMAIN.TLD or better translated as : YOUR.REALM ( to keep some confusion away and in CAPS ) Even when (dnsdomain) primary.dnsdomain.tld has the same REALM DOMAIN PRIMARY.DNSDOMAIN.TLD ( == YOUR.REALM ) These are not the same things. I suggest : SAMBA_PRINCIPAL=dehydrated-service at YOUR.REALM SAMBA_DOMAIN=primary.dnsdomain.tld SAMBA_DNSSERVER=dc.${SAMBA_DOMAIN} Since its running on the DC your updateing. You should be able to use : SAMBA_DOMAIN=$(hostname -d) SAMBA_DNSSERVER=$(hostname -f) Keep REALM always in CAPS. Show the difference between the...