Displaying 2 results from an estimated 2 matches for "urealm".
Did you mean:
realm
2015 Sep 01
3
ldbadd with kerberos ticket => 00002020: Operation unavailable without authentication
Hi,
I'd like to use ldbadd with kerberos authentication using samba
4.2.3-SerNet-Debian-7.jessie, but it seems authentication is not being
processed. Executing...
kinit Administrator at INTERNAL.DOMAIN.TLD -k -t /etc/admin.keytab
root at dc01:/# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at INTERNAL.DOMAIN.TLD
Valid starting Expires Service
2015 Sep 01
0
ldbadd with kerberos ticket => 00002020: Operation unavailable without authentication
...pire:
samba-tool user setexpiry admin --noexpiry
You now need to export the users keytab:
samba-tool domain exportkeytab /etc/admin.keytab --principal=admin
Now you have the keytab you can now run kinit and create the ticket cache:
kinit -F -k -t /etc/admin.keytab -c /tmp/krb5cc_admin admin at UREALM #
<--change 'UREALM' to your uppercase realm name
finally you can run run ldbadd command:
ldbadd ldap://localhost --kerberos=yes --krb5-ccache=/tmp/krb5cc_admin
<< EOF
......
HTH
Rowland