Displaying 20 results from an estimated 5000 matches similar to: "Samba 4 howto add nfs to krb5.keytab"
2012 Jan 08
3
Samba 4 krb5.keytab confusion
Hi
I have Samba 4 installed and working. I recently changed FQDN to dns
name hh3.hh3.site. It works OK and e.g. on a windows 7 box which joined
the domain, users can logon. But I have a mess in the keytab:
klist -k /etc/krb5.keytab
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
2 HH3$@HH3.HH1.SITE
2
2012 Feb 10
1
latest Samba 4 does not look in keytab
Hi
After upgrading to
Version 4.0.0alpha18-GIT-24ed8c5 on Ubuntu 11.10, Samba 4 no longer
looks in the keytab for my nfs server entry:
mount -t nfs4 foo bar --o sec=krb5
Kerberos: AS-REQ nfs/hh3.hh3.site at HH3.SITE from ipv4:192.168.1.3:53213
for krbtgt/HH3.SITE at HH3.SITE
Kerberos: UNKNOWN -- nfs/hh3.hh3.site at HH3.SITE: no such entry found in hdb
The nfs entry is in the keytab:
klist -ke
2012 Jan 11
6
Samba 4 kerberos and kinit
Hi
After starting Samba 4, before anyone can do anything, Administrator has
to do a kinit to get a new ticket. This creates a cache /tmp/krb5cc_0
with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new
2011 Dec 28
1
login via Samba 4 LDAP
Hi
I've rfc2703'd the Samba 4 LDAP for a user e.g. steve4. I can search the
database and view it with phpldapadmin. I can't login from a linux console:
ldapsearch -LLL "(cn=steve4)"
SASL/GSSAPI authentication started
SASL username: steve4 at HH3.SITE
SASL SSF: 56
SASL data security layer installed.
dn: CN=steve4,CN=Users,DC=hh3,DC=site
cn: steve4
instanceType: 4
2012 Jan 28
2
nfs4 with Samba 4
Hi everyone
Version 4.0.0alpha18-GIT-bfc7481
openSUSE 12.1
Conventional nfs4 export works fine, but I'm having trouble kerberizing
it for Samba 4 for my Samba 4 users.
I've setup the nfs4 pseudo stuff like this:
hh3:/ # mkdir /export
hh3:/ # mkdir /export/home
hh3:/ # mount --bind /home /export/home
Here is /etc/exports:
/export
2016 Sep 14
5
Exporting keytab for SPN failure
> On Sep 14, 2016, at 10:44 AM, Achim Gottinger via samba <samba at lists.samba.org> wrote:
>
>
>
> Am 14.09.2016 um 05:53 schrieb Michael A Weber via samba:
>> Experts—
>>
>> I’m attempting to export a keytab for a created SPN on the AD DC machine but I’m receiving an error:
>>
>> ERROR(runtime): uncaught exception - Key table entry not
2011 Dec 22
1
Samba 4 Kerberos: Failed to decrypt PA-DATA
Hi everyone
After almost 2 days up-time with Samba 4, it failed again. This time it
simply will not restart.
The krb5.conf had got corrupted. I replaced it with this one from
/usr/local/samba/private
/etc/krb5.conf
[libdefaults]
default_realm = HH3.SITE
dns_lookup_realm = false
dns_lookup_kdc = true
It starts up OK:
samba -i -d 3
lpcfg_load: refreshing parameters from
2016 Sep 15
3
Exporting keytab for SPN failure
Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba:
> On Wed, 14 Sep 2016 16:23:27 -0500
> Michael A Weber via samba <samba at lists.samba.org> wrote:
>
>>> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz>
>>> wrote:
>>>
>>>
>>>
>>> Am 14.09.2016 um 20:33 schrieb Michael A Weber:
>>>>>
2016 Sep 16
6
Exporting keytab for SPN failure
Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba:
> Achim Gottinger via samba wrote on 9/15/16 1:20 AM:
>>
>>
>> Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba:
>>> On Wed, 14 Sep 2016 16:23:27 -0500
>>> Michael A Weber via samba <samba at lists.samba.org> wrote:
>>>
>>>>> On Sep 14, 2016, at 2:00 PM, Achim
2016 Sep 14
2
Exporting keytab for SPN failure
> On Sep 14, 2016, at 2:00 PM, Achim Gottinger <achim at ag-web.biz> wrote:
>
>
>
> Am 14.09.2016 um 20:33 schrieb Michael A Weber:
>>
>>> On Sep 14, 2016, at 1:10 PM, Achim Gottinger <achim at ag-web.biz <mailto:achim at ag-web.biz>> wrote:
>>>
>>>
>>>
>>> Am 14.09.2016 um 19:53 schrieb Michael A Weber:
2012 Aug 15
1
Samba4 DC with Samba3 file-server howto
Hi
I have a Samba4 DC (hh30.hh3.site, 192.168.1.30) and a Samba3 VM on the
same box (hh33.hh3.site, 192.168.1.33).
How do I tell XP and 7 clients to look at the S4 DC for authentication
and the S3 fileserver for files?
It already does the authentication bit OK. It's mainly the second part
of the question as to how to instruct the m$ boxes to look at the
file-server rather than the DC
2016 Sep 14
2
Exporting keytab for SPN failure
> On Sep 14, 2016, at 1:10 PM, Achim Gottinger <achim at ag-web.biz> wrote:
>
>
>
> Am 14.09.2016 um 19:53 schrieb Michael A Weber:
>>
>>> On Sep 14, 2016, at 12:23 PM, Achim Gottinger via samba <samba at lists.samba.org <mailto:samba at lists.samba.org>> wrote:
>>>
>>>
>>>
>>> Am 14.09.2016 um 18:23 schrieb
2016 Sep 16
2
Exporting keytab for SPN failure
Am 16.09.2016 um 22:49 schrieb Rowland Penny via samba:
> On Fri, 16 Sep 2016 22:43:42 +0200
> Achim Gottinger via samba <samba at lists.samba.org> wrote:
>
>>
>> Am 16.09.2016 um 22:00 schrieb Robert Moulton via samba:
>>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM:
>>>>
>>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny via
2016 Sep 16
2
Exporting keytab for SPN failure
On Fri, 16 Sep 2016 13:00:52 -0700
Robert Moulton via samba <samba at lists.samba.org> wrote:
> Achim Gottinger via samba wrote on 9/15/16 1:20 AM:
> >
> >
> > Am 15.09.2016 um 09:35 schrieb Rowland Penny via samba:
> >> On Wed, 14 Sep 2016 16:23:27 -0500
> >> Michael A Weber via samba <samba at lists.samba.org> wrote:
> >>
>
2016 Sep 17
2
Exporting keytab for SPN failure
On Fri, Sep 16, 2016 at 6:08 PM, Achim Gottinger via samba
<samba at lists.samba.org> wrote:
>
>
> Am 17.09.2016 um 02:36 schrieb Achim Gottinger via samba:
>>
>>
>>
>> Am 17.09.2016 um 02:19 schrieb Achim Gottinger via samba:
>>>
>>>
>>>
>>> Am 17.09.2016 um 01:23 schrieb Robert Moulton:
>>>>
>>>>
2016 Sep 17
2
Exporting keytab for SPN failure
Am 17.09.2016 um 02:19 schrieb Achim Gottinger via samba:
>
>
> Am 17.09.2016 um 01:23 schrieb Robert Moulton:
>> Achim Gottinger via samba wrote on 9/16/16 4:14 PM:
>>>
>>>
>>> Am 17.09.2016 um 00:54 schrieb Achim Gottinger via samba:
>>>>
>>>>
>>>> Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba:
2016 Sep 16
2
Exporting keytab for SPN failure
Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba:
> Rowland Penny via samba wrote on 9/16/16 1:43 PM:
>> On Fri, 16 Sep 2016 13:00:52 -0700
>> Robert Moulton via samba <samba at lists.samba.org> wrote:
>>
>>> Achim Gottinger via samba wrote on 9/15/16 1:20 AM:
>>>>
>>>>
>>>> Am 15.09.2016 um 09:35 schrieb Rowland Penny
2016 Sep 14
2
Exporting keytab for SPN failure
> On Sep 14, 2016, at 12:23 PM, Achim Gottinger via samba <samba at lists.samba.org> wrote:
>
>
>
> Am 14.09.2016 um 18:23 schrieb Michael A Weber:
>> Question though, just for my curiosity:
>>
>> The encryption algorithms specified after each SPN: I see that aes-256 is listed when I export the user, but not the SPN. Are those expected, or have I done
2016 Sep 16
2
Exporting keytab for SPN failure
Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba:
> Achim Gottinger via samba wrote on 9/16/16 3:05 PM:
>>
>>
>> Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba:
>>> Rowland Penny via samba wrote on 9/16/16 1:43 PM:
>>>> On Fri, 16 Sep 2016 13:00:52 -0700
>>>> Robert Moulton via samba <samba at lists.samba.org> wrote:
2016 Sep 16
2
Exporting keytab for SPN failure
Achim Gottinger via samba wrote on 9/16/16 4:14 PM:
>
>
> Am 17.09.2016 um 00:54 schrieb Achim Gottinger via samba:
>>
>>
>> Am 17.09.2016 um 00:29 schrieb Robert Moulton via samba:
>>> Achim Gottinger via samba wrote on 9/16/16 3:05 PM:
>>>>
>>>>
>>>> Am 16.09.2016 um 23:00 schrieb Robert Moulton via samba: