Displaying 20 results from an estimated 40000 matches similar to: "mount.cifs with kerberos"
2008 Jun 02
2
cifs and kerberos
Hi,
when I try to mount a windows share with a valide kerberos ticket :
mount.cifs //auberge.iut.lan/install_autocad /mnt/test/ -o
user='IUT\Administrateur',password=toto,sec=krb5i
I get this error :
Jun 2 12:32:51 brice-deb kernel: fs/cifs/cifs_spnego.c: key
description =
ver=0x1;host=auberge.iut.lan;ip4=10.31.0.12;sec=krb5;uid=0x0
Jun 2 12:32:51 brice-deb cifs.spnego:
2013 Sep 28
2
mount.cifs and kerberos failure
Hi guys,
This seems to be a well-known problem with mount.cifs on Ubuntu 12.04. Unfortunately, although I have applied the suggestions I found with google, I can't seem to be able to get mount.cifs to work with kerberos. I am trying to use kerberos to mount my Windows shares because this is the only allowed secure way in my company to connect to shares. Before anyone asks, I can successfully
2018 Oct 09
0
NFSv4, homes, Kerberos...
Hai,
I'm getting somewhere, here you go, a snap of what i have atm.
And what works atm. Im asuming you have winbind already running.
Obligated is A+PTR record in the DNS.
You can turn or the rdns check in krb5.conf but i did not test that.
# Tested on Debian Stretch - NFSv4 SERVER
apt-get install --auto-remove nfs-kernel-server
systemctl stop nfs-*
Added in krb5.conf below the
2017 Apr 11
0
Good practices to make a Kerberos "mount.cifs" launched by root but with the credentials of another user
Hi,
I have a Debian Stretch computer which is a "samba4 member
server" of an Samba4 AD domain (versions etc. are mentioned
at the end of the message). I think my config is OK and I
can open a _graphical_ session with an AD account user. The
display manager of the computer is Lightdm. For for instance,
I can open a graphical session with the AD account bob (uid
== 14001). In this case, I
2008 May 28
0
samba 3.2 mount cifs and kerberos
Hi,
Is mount.cifs with sec-krb5 or krb5i work with samna 3.2 and
cifs.spnego upcall ?
Regards,
Brice Rouanet.
****************************************
Brice Rouanet
Technicien informatique
D?partement Genie Chimique
Centre de Ressources Informatiques
****************************************
Tel : 05.62.25.89.97
Tel : 05.62.25.89.19
2018 Oct 10
0
NFSv4, homes, Kerberos...
Hai,
Hmm.. Bummer..
I just discovered the debian package dont have the vfs_nfs4acl include in the build.
And because of that it's not in my packages. I'll have a look into it, see what i can make of it.
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens
> L.P.H. van Belle via samba
> Verzonden: dinsdag 9
2008 Nov 25
0
CIFS, Kerberos over SSH tunnel (change service principal?)
I'm trying to set up a CIFS mount to a NetApp F840 called 'elmer' over
an SSH tunnel. I also tunnel the Kerberos ports to the Windows AD
server 'cannonstreet' Using Ubuntu hardy, with recent updates for CIFS
that are claimed to work:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/236830
I tunnel like this:
ssh -f -N -x -o TCPKeepAlive=yes -L88:cannonstreet:88
2011 Jul 06
1
CIFS proxy
Hi,
I need to run a Samba CIFS proxy (not DFS) in an AD environment. What we
tried so far is mounting the remote share with mount.cifs and "-o
sec=krb5i,multiuser" and share it through samba. But mount.cifs's
multiuser option requires local access to the domain user's kerberos
tickets, i.e, if I login as a domain user and run kinit to get a ticket,
everything works. If the
2006 Nov 21
0
Can samba mount to SBS2003?
mount -t cifs works to an Active Directory SBS2003, but I cannot open
any files even though I can write files and change directory.
smbclient -k works fine and opens files and I have done the net ads join
and kinit.
How do I get mount -t cifs to use the kerberos ticket created by kinit?
I have tried -0 sec=krb5 and krb5i
Are there any error logs to look at?
Any help would be great.
Thanks
2018 Oct 10
1
NFSv4, homes, Kerberos...
Thank you for that, i did have a good look at that one.
And i use Debian 9, if you test what i posted below in the thread, you will see NFSv4 works fine.
Below is missing one more thing, the "allow to delegate (kerberos only) " on the computer object in the AD, should be enabled.
And yes, i've see bugchecks also but only on my debian .. Lenny.. Stt.. ;-) .. Its my last lenny
2018 Nov 06
2
Samba CIFS Mounts with Kerberos Security: Write Access denied
Hi all,
I am testing different setups for Samba home share mounts via the
CIFS protocol on Linux clients with and without Keberos security (both
krb5 and krb5i). I am experiencing some strange behaviour in case of
Kerberos authentication:
In case of mounts (by root or the user itself) without Kerberos security (only
NTLMv2 authentication), local root and the owning user on the Linux client
2017 May 10
0
Using smbclient and mount.cifs with SPN in Keytab
Does it work if you test like this.
kinit testuser at EXAMPLE.COM
mount -t cifs -o sec=krb5 //server.example.com/export /mnt/cifs
Have a look here :
https://runops.wordpress.com/2015/03/05/setup-linux-cifs-autofs-automount-using-kerberos-authentication/
I cant tell much about automount, i use it but through systemd for my nfsv4 mounts.
Greetz,
Louis
> -----Oorspronkelijk
2018 Oct 09
0
NFSv4, homes, Kerberos...
Hi Marco,
You will hit muliple problems, most can be solved.
Im installing a new member here with samba 4.8.5 and building new samba 4.8.6 atm. ;-).
Im (trying to ) fix this also again in this new setup.
Below it a bit of what i know.
> Client are in DHCP, so it is hard to use 'normal' NFSv3 mount, eg
> security by IP.
If they register ( or are registered) in the dns correctly
2007 May 04
2
mount.cifs and sec=krb5
Hello fellow Samba folks,
I am attempting to mount a cifs share on a RHEL 5 box using
mount.cifs. The server is another RHEL 5 box. Both boxes are joined
to the same Kerberos realm (AD).
I kinit to get my Kerberos tickets.
This is the mount command I'm using:
mount.cifs //rhel5.server.iastate.edu/benvon ./mnt -o
user=benvon,sec=krb5
This results in a password prompt, then a
2023 Oct 15
1
reliability of mounting shares while login
Hi @all,
I have some problems when using pam_mount.conf.xml to mount shares via kerberos (and also for ntlm) regarding reliability of the mount. I have tested the issue with 2 different environments. My environments are: 2 Microsoft Domain Controllers + a separate fileserver and Ubuntu 18.04 or 22.04 as clients. My other tested environment is one Microsoft Server 2019 (as domain controller and
2006 Nov 21
0
Mount to SBS 2003
Has anyone got FC5 to mount to an SBS2003 server?
kinit .. Works
net ads join ...works
mount -t cifs does the mount, but files cannot be read. I can cd to any
directory, even create files, but cannot read any file, just get access
denied.
smbclient -k..works and reads files ok.
I've tried krb5, krb5i as options to mount, but still no joy.
Has anyone seen this problem?
Thanks
Mark
2018 Oct 11
2
NFSv4, homes, Kerberos...
Hai Marco,
> -----Oorspronkelijk bericht-----
> Van: Marco Gaiarin [mailto:gaio at sv.lnf.it]
> Verzonden: donderdag 11 oktober 2018 14:15
> Aan: L.P.H. van Belle
> Onderwerp: Re: [Samba] NFSv4, homes, Kerberos...
>
> Mandi! L.P.H. van Belle
> In chel di` si favelave...
>
> > If you want to test the module, i have a set ready to test.
>
> Ahe,
2005 Jan 28
0
CIFS with Kerberos and client signing
Hi,
I'm trying to mount a Samba share on Linux 2.6.10, using samba-3.0.7.
The authentication is done using Kerberos V5, on a Windows server.
The share is located on a Solaris server that uses samba-3.0.10.
Authentication with Kerberos is functional (I can get a ticket
using kinit(1)).
The server requires client (packet?) signing. The admins in charge
of the server refuse to make it
2009 Sep 19
1
cifs.upcall not respecting krb5ccname env var?
Hello,
I've been doing some extensive troubleshooting with respect to some issues
mounting CIFS shares on a Windows box via Kerberos. We're using the command:
/sbin/mount.cifs //whatever/whatever /whatever -o sec=krb5i
This should mount the share using Kerberos & Packet-signing by using the
cached credentials of the user executing the command. With judicious use of
strace, it
2020 Mar 09
0
mount share using kerberos ticket fails
Did you "deleated the computer object" to allow kerberos services.
And did you add the CIFS/spn to the computer and keytab ?
https://wiki.samba.org/index.php/Generating_Keytabs
If its a member, which i assume.
kinit Administrator
net ads keytab add cifs/$(hostname -f) -k
net ads keytab add_update_ads -k
Add these and it should work.
You might need to restart or reboot., sometimes