[Samba] Error with samba update in debian.
L.P.H. van Belle
belle at bazuin.nl
Fri Dec 30 09:10:07 UTC 2016
Hai Rowland,
Simply put,
- UPN: An entity performing client requests to some service.
Entity may be human or machine.
Source :
https://msdn.microsoft.com/en-us/library/windows/desktop/ms721629(v=vs.85).aspx#_security_user_principal_name_gly
- SPN: An entity processing requests for a specific service, e.g., HTTP, LDAP, SSH, etc.
Entity is Machine only.
Source:
https://msdn.microsoft.com/en-us/library/windows/desktop/ms721625(v=vs.85).aspx#_security_service_principal_name_gly
And normaly a UPN retrieves a service ticket for an SPN to use that actual service.
Now how is this a squid problem if samba-tool does not give the options to set an UPN to the machine also.
But this is mainly a Windows KDC and Unix KDC difference but still.
Resulting that in windows terms we need to set the SPN to a machine UPN. Which is always: namehostname$@REALM
Greetz,
Louis
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens Rowland Penny via
> samba
> Verzonden: donderdag 29 december 2016 11:27
> Aan: samba at lists.samba.org
> Onderwerp: Re: [Samba] Error with samba update in debian.
>
> On Thu, 29 Dec 2016 09:25:20 +0100
> "L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
>
> > no thats not it
> >
> > samba-tool does not set upn but msktutil does set the upn.
> >
> > So an option for samba-tool to set upn would be nice...
> >
> >
> > Greetz
> >
> > Louis
>
> Yes it is !!
>
> From my point of view, squid is expecting an SPN, but seems to accept
> a UPN. Have you tried using the machine account and adding an SPN to
> that ?
>
> Rowland
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list