[Samba] Kerberized smb with MIT K5 realm
Mark Campbell
mcc171 at psu.edu
Thu Dec 22 20:10:32 GMT 2005
I tried this new feature with 3.0.21 and have had some luck but it is
not quite working.
My config looks like:
#======================= Global Settings
=====================================
[global]
workgroup = MYGROUP
server string = Samba Server
log file = /var/log/samba/log.smbd
security = user
use kerberos keytab = yes
realm = xxx.psu.edu
#============================ Share Definitions
==============================
[homes]
comment = Home Directories
browseable = no
writable = yes
I have the keytab file:
cifs/xxx.xxx.psu.edu
host/xxx.xxx.psu.edu
imported to the /etc/krb5.keytab file.
My client gets the service ticket for cifs/xxx.xxx.psu.edu but I see the
following in the samba logs:
[2005/12/21 16:41:12, 1] smbd/sesssetup.c:reply_spnego_kerberos(180)
Failed to verify incoming ticket!
Any ideas?
Thanks
Mark
--
Mark Campbell
Systems Analyst, Advanced Information Technologies
Information Technology Services
The Pennsylvania State University
mcc171 at psu.edu, 814-865-4774
More information about the samba
mailing list