[Samba] Samba 3.0.23d & /etc/krb5.keytab
Michael Schurter
michael at susens-schurter.com
Mon Nov 27 14:08:20 GMT 2006
I'm new to Kerberos. I don't understand how Samba uses the system
keytab (/etc/krb5.keytab) when "use kerberos keytab = true".
Does Samba use service specific tickets?
What tickets does Samba add?
Do I need a cron job to keep them fresh or does Winbind take care of it?
Sorry if these are elementary questions, but the Samba HOWTO didn't help
me understand Samba's interaction with Kerberos.
My /etc/krb5.keytab looks like this:
KVNO Principal
----
--------------------------------------------------------------------------
1 host/schurter3-linux.tremont.local at TREMONT.LOCAL
0 host/schurter3-linux.tremont at TREMONT.LOCAL
0 host/schurter3-linux.tremont at TREMONT.LOCAL
0 host/schurter3-linux.tremont at TREMONT.LOCAL
0 host/schurter3-linux at TREMONT.LOCAL
0 host/schurter3-linux at TREMONT.LOCAL
0 host/schurter3-linux at TREMONT.LOCAL
0 schurter3-linux$@TREMONT.LOCAL
0 schurter3-linux$@TREMONT.LOCAL
0 schurter3-linux$@TREMONT.LOCAL
where schurter3-linux is my computer and TREMONT.LOCAL is the Active
Directory Realm. The first ticket was generated on the Active Directory
server using the ktpass command as per some Microsoft documentation.
I use Winbind & Kerberos in PAM.
Thanks,
Michael Schurter
More information about the samba
mailing list