[Samba] Kerberized smb with MIT K5 realm

Mark Campbell mcc171 at psu.edu
Thu Dec 22 20:10:32 GMT 2005

I tried this new feature with 3.0.21 and have had some luck but it is 
not quite working. 

My config looks like:

#======================= Global Settings 
  workgroup = MYGROUP
  server string = Samba Server
  log file = /var/log/samba/log.smbd
  security = user
  use kerberos keytab = yes
  realm = xxx.psu.edu

#============================ Share Definitions 
  comment = Home Directories
  browseable = no
  writable = yes

I have the keytab file:


imported to the /etc/krb5.keytab file.

My client gets the service ticket for cifs/xxx.xxx.psu.edu but I see the 
following in the samba logs:

[2005/12/21 16:41:12, 1] smbd/sesssetup.c:reply_spnego_kerberos(180)
 Failed to verify incoming ticket!

Any ideas?



Mark Campbell
Systems Analyst, Advanced Information Technologies
Information Technology Services
The Pennsylvania State University
mcc171 at psu.edu, 814-865-4774

More information about the samba mailing list