[Samba] klist versus kadmin
degbert degbert
degbert42 at gmail.com
Tue Nov 11 09:54:14 GMT 2008
2008/11/10 Gerald (Jerry) Carter <jerry at samba.org>:
> You can only get a TGT using either the UPN or the
> sAMAccountName. Machine accounts have no UPN by default.
> My guess is that this is the root of your troubles.
Hello Jerry,
I think I already have a TGT, klist says that I have a TGT named
krbtgt/REALM at REALM:
Valid starting Expires Service principal
11/11/08 10:14:07 11/11/08 20:13:52 krbtgt/REALM at REALM
and kutil: rkt /etc/krb5.keytab says I have nine principals:
3 x host/FQDN at REALM
3 x host/HOSTNAME at REALM
3 x HOSTNAME$@REALM
(In Active directory I see a sAMAccountName of "hostname$", not "HOSTNAME$".)
Hopefully I am nearly there :)
What you say I need to get a TGT using either the UPN or the
sAMAccountName, what should I be doing differently?
Thanks, Degbert
More information about the samba
mailing list