samba4 keytab management

Trever L. Adams trever.adams at
Tue Oct 19 06:14:10 MDT 2010

 On 09/06/2010 05:28 PM, srikumar 108 wrote:
> 2. 'ldbedit -H sam.lbd cn=imap' to add the following:
> servicePrincipalName: imap/.f.q.d.n
> userPrincipalName: imap/f.q.d.n at REALM
> The 'userPrincipalName' entry is added by Windows ktpass.exe, but it
> was not strictly necessary. The trick was to add the serviceprincipal
> WITHOUT the realm part.
Sorry for responding to an old thread, but I thought I would chime in.
The userPrincipalName is actually required by some programs for things
to work properly. One example of this is dovecot SASL being used by
postfix (client Thunderberd 3.1.4) for smtp). I have been trying to get
this to work for about a week.

Just for grins, I added the userPrincipalName in the format listed above
and all of my problems disappeared.

Any fix to would be GREATLY appreciated.

Thank you,
Trever Adams
"The best we can hope for concerning the people at large is that they be
properly armed." -- Alexander Hamilton, The Federalist Papers at 184-188

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 261 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the samba-technical mailing list