[Samba] winbind_krb5_locator usage
Felix Matouschek
felix.matouschek at vipco.de
Fri Aug 14 07:28:56 UTC 2015
Hi,
no, it was created on site b. It never was on site a.
Greetings,
Felix
-----Ursprüngliche Nachricht-----
Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von L.P.H. van Belle
Gesendet: Freitag, 14. August 2015 09:14
An: samba at lists.samba.org
Betreff: Re: [Samba] winbind_krb5_locator usage
Just a question.
Did you create this server on site a and the moved it to site b?
>-----Oorspronkelijk bericht-----
>Van: samba [mailto:samba-bounces at lists.samba.org] Namens Felix
>Matouschek
>Verzonden: vrijdag 14 augustus 2015 8:58
>Aan: samba at lists.samba.org
>Onderwerp: Re: [Samba] winbind_krb5_locator usage
>
>Hello,
>
>i investigated further and found out that other member servers do honor
>their AD sites.
>
>It is just that one machine that has both KDCs in it's
>"/var/cache/samba/smb_krb5 exists/ krb5.conf.INTRANET".
>
>I'm a bit puzzled... the smb.conf on this machine and on a machine that
>works is 100% identical, only netbios names differ.
>
>Is there another way to control this behaviour?
>
>Greetings,
>Felix
>
>-----Ursprüngliche Nachricht-----
>Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von Felix
>Matouschek
>Gesendet: Donnerstag, 13. August 2015 13:14
>An: samba at lists.samba.org
>Betreff: [Samba] winbind_krb5_locator usage
>
>Hi Rowland,
>
>/var/run/samba/smb_krb5 does not exist.
>
>However /var/cache/samba/smb_krb5 exists, there is a file named
>"krb5.conf.INTRANET".
>
>Contents:
>
>[libdefaults]
> default_realm = INTRANET.VIPCO.DE
> default_tgs_enctypes = aes256-cts-hmac-sha1-96
>aes128-cts-hmac-sha1-96 RC4-HMAC DES-CBC-CRC DES-CBC-MD5
> default_tkt_enctypes = aes256-cts-hmac-sha1-96
>aes128-cts-hmac-sha1-96 RC4-HMAC DES-CBC-CRC DES-CBC-MD5
> preferred_enctypes = aes256-cts-hmac-sha1-96
>aes128-cts-hmac-sha1-96 RC4-HMAC DES-CBC-CRC DES-CBC-MD5
>
>[realms]
> INTRANET.VIPCO.DE = {
> kdc = 192.168.0.197
> kdc = 192.168.122.1
> }
>
>Doesn't that mean 192.168.0.197 is the primary kdc?
>192.168.122.1 should be primary kdc for that machine.
>
>Greetings,
>Felix
>
>-----Ursprüngliche Nachricht-----
>Von: samba [mailto:samba-bounces at lists.samba.org] Im Auftrag von
>Rowland Penny
>Gesendet: Donnerstag, 13. August 2015 12:57
>An: samba at lists.samba.org
>Betreff: Re: [Samba] winbind_krb5_locator usage
>
>On 13/08/15 10:47, Felix Matouschek wrote:
>> Hello,
>>
>> I have different Sites in my domain and want the different
>members to use the respective domain controller of their site.
>>
>> I can't get this to work right. I have a member that is in
>site B but executing "net ads info" outputs the DC of site A as active.
>>
>> I read about enabling "winbind_krb5_locator", but it is
>already located in "/usr/lib/x86_64-linux-gnu/krb5/plugins/krb5/".
>>
>> Winbind also does not generate a krb5.conf, even with the
>option "create krb5 conf" explicitly set to yes.
>
>Have you tried looking in /var/run/samba/smb_krb5 on the member server
>?
>
>Rowland
>
>>
>> I am using SerNet Samba 4.2.3 as DC and Member.
>>
>> Any suggestions?
>>
>> Greetings,
>> Felix
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list