[Samba] Problem accessing samba fileserver with smbclient using
Kerberos
Markus Moeller
huaraz at moeller.plus.com
Wed May 18 19:25:14 GMT 2005
I have a setup with a w2k3 AD and Samba 3.0.15pre2 as fileservers on Linux.
I created two AD computer objects and used ktpass to create the Keberos
keys. The keytab has the following entries
host/linux.test.com at TEST.COM mapped to a computer account linux-host$ for
general Kerberos services (ftp,ssh,..)
cifs/linux.test.com at TEST.COM mapped to a computer account linux-cifs$ for
Windows 2003/XP clients and
HOST/linux.test.com at TEST.COM a copy of host/linux.test.com for Windows 2000
clients
I can access the samba share from 2000/2003/XP but not with smbclient from
the linux box itself. It seems smbclient tries to use a principal
linux$@TEST.COM which isn't in my keytab and I don't see a reason why it
should. BTW smbclient works when accessing a 2003 share.
I looked at the traffic the XP client creates to the kdc and it immediatly
asks for a cifs/linux.test.com principal. Shouldn't smbclient be able to do
the same ?
Thanks
Markus
More information about the samba
mailing list