[Samba] kerberos configuration in samba
Ralf Hornik Mailings
ralf at best.homeunix.org
Tue Dec 15 06:07:59 MST 2009
Rajesh Ghanekar <rajesh_ghanekar at symantec.com> wrote:
>> One idea to make an admin server HA in krb5.conf could be DNS round
>> robin, as far as multiple admin server are really supported.
>>
> Does other points (#1 - #3) mentioned in my mail holds true or
> there is still
> some confusion from my side?
Regarding
http://www.informit.com/guides/content.aspx?g=security&seqNum=37
kerberos libs should use nss (name service switch), but you can easyly
figure it out by trying. ;-)
When you have a working DNS with SRV records pointing g to your KDC
you can simply move your krb5.conf and try a kinit to get credendials.
This should work, when using DNS.
However, you also might want to add some entries to nsswitch.conf like
rpc: files dns
services: files dns
or something...
More information about the samba
mailing list