How test that secret.keytab is synchronized with the entry in sam.ldb

Andrew Bartlett abartlet at
Mon May 3 23:14:26 MDT 2010

On Tue, 2010-05-04 at 09:06 +0400, Matthieu Patou wrote:
> Well i think that the title says all.

In short, we never change the password, so it never needs to be updated.

The libnet_Join code sets the passwords to be the same at the start, and
so it remains in sync until the password changes.

To test, try and do an smbclient -L mydc --machine-pass

That will use the local machine password to do a kinit or NTLM login.
IF that works, they are in sync.

Andrew Bartlett

Andrew Bartlett                      
Authentication Developer, Samba Team 
Samba Developer, Cisco Inc.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <>

More information about the samba-technical mailing list