[Samba] self compiled samba domain member, jessie, pam config
Rowland Penny
rowlandpenny241155 at gmail.com
Mon Oct 26 21:24:08 UTC 2015
On 26/10/15 21:01, mourik jan c heupink wrote:
> Hi,
>
> I have the keytab file, it just seems that:
>
> "technically "secrets and keytab" means that samba uses both the
> internal secrets and system keytab file for keytab storage. secrets is
> in memory (so this works even if changing uid). keytab on the other
> hand is only opened when needed."
Hang on a minute, I thought about this and this seemed to be wrong, so I
went and checked the smb.conf manpage and found this:
ยท secrets and keytab - use the secrets.(n)tdb first, then the
system keytab
So, if the manpage is to be believed, secrets is not in memory, it is a
.tdb file.
Rowland
>
> So I have the keytab, I just needed to chmod g+r for it to be readable
> after "winbindd forks, changes to the uid of the user that is logging
> in."
>
> Both quotes above are from the samba bugreport.
> (https://bugzilla.samba.org/show_bug.cgi?id=10490)
>
> And about your line
> > winbind refresh tickets = Yes # <-- do you have this line
> Yes I do. I pretty much took the domain member server smb.conf from
> the wiki.
>
> MJ
>
> On 26-10-2015 21:46, Rowland Penny wrote:
>>
>> If you don't have the keytab, try leaving the domain and re-joining,
>> this should create the keytab, if you do have the keytab, remove it
>> then, leave and re-join.
>
More information about the samba
mailing list