SAMBA Kerberos misunderstanding

Bradley Schatz blschatz at gmail.com
Tue Feb 20 07:57:47 GMT 2007

I suspect I might be grossly misunderstanding Kerberos and AD here, but I
can't seem to grok the following.

net ads join integrates my Linux Samba server (named foundry) into an AD
domain and all works fine. The Samba server is using the Kerberos keytab.

root@foundry:~ # kinit -k -t /etc/krb5.keytab foundry$
root@foundry:~ # kinit -k -t /etc/krb5.keytab host/foundry.example.local
kinit(v5): Client not found in Kerberos database while getting initial

Why can't kinit find the service host/foundry.example.local in the AD
Kerberos database? It seems to be in the local Linux server keylist:

root@foundry:~ # klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
   2 host/foundry.example.local@EXAMPLE.LOCAL
   2 host/foundry.example.local@EXAMPLE.LOCAL
.... cut ...

What am I missing here?



