search for: service_princip

First thing - I'd like to say a big "THANK YOU" to the developers. I just upgraded to samba-3.0.23 and I've noticed an alarming issue with respect to my configuration. I've been using the built-in keytab management and it looks like the updated code no longer creates the userPrincipal in Active Directory. Whether this is an issue for others or not, it would be nice to have

I finally found it, thanks to a clue from https://wiki.archlinux.org/index.php/Active_Directory_Integration This works: kinit -k -t /etc/krb5.keytab 'WRN-RADTEST$' These don't work: kinit -k -t /etc/krb5.keytab kinit -k -t /etc/krb5.keytab host/wrn-radtest.ad.example.net kinit -k -t /etc/krb5.keytab host/wrn-radtest That is: the keytab contains three different principals: root

...; you should get a keytab created without having to manually create it. Ah cool, yes that does happen now. L.P.H. van Belle wrote: > This is what i found, dont know if thats exact what your looking for. > > ( module ) > krb5 { > keytab = /etc/freeradius/keytab > service_principal = radius/radius.example.com > } I can't use rlm_krb5, because I plan to use PEAP+MSCHAP for wifi authentication. The krb5 module requires a cleartext password, but MSCHAP does not pass a cleartext password. (It is possible to use krb5 authentication with TTLS+PAP or TTLS+GTC, both of...

...-u: correct list of local + AD members wbinfo -g: correct list of local + AD groups kinit: succeeded klist output for root from the samba machine: Ticket cache: FILE:/tmp/krb5cc_0 Default prinicpal: Administrator@THIS.DOMAIN Valid starting Expires Service_principal 11/03/03 19:00:38 11/04/03 05:00:38 krbtgt/THIS.DOMAIN@THIS.DOMAIN Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached pam.d/login modified and working AD users can log into local terminal of samba machine, and if home dir is missing, created vi...

I am trying to use a keytab for a client machine to authenticate to Samba's own LDAP server. The samba servers (replicated) are ubuntu 16.04 with samba 4.5.2 compiled from source. The client machine is ubuntu 16.04 with stock samba 4.3.11. It has been joined directly to the Samba domain ("net ads join"). I have also extracted a keytab ("net ads keytab create -P")