cifs mount using machine credentials

Uri Simchoni uri_simchoni at
Sun Jul 12 13:26:02 MDT 2009

Hi list,

I recently tried mounting a remote Win2003 server share using kerberos and the TGT obtained by a "net join" command. The basic idea was to periodically synchronize files from the remote server, and not have to rely on a specific user/password, just on the fact that I'm joined to the domain.
After failing to find the correct command sequence and/or parameters, I patched cifs.upcall to fetch the TGT from secrets.tdb - basically copied the stuff from winbindd. Works like a charm.

So I'd like to ask:
- Is there anything fundamentally wrong - security-wise or otherwise, with this setup.
- Is there another way besides patching cifs.upcall to do the same thing (frankly, I really didn't understand where cifs.upcall should get its TGT from, and couldn't find any example)
- Would this patch be of any value to others.


Drag n’ drop—Get easy photo sharing with Windows Live™ Photos.

More information about the samba-technical mailing list