[Samba] kerberos configuration in samba
Rajesh Ghanekar
rajesh_ghanekar at symantec.com
Tue Dec 15 06:36:12 MST 2009
Hi Ralf,
Thanks for the help. But I was asking if all 4 points mentioned in my
mail
are correct or not, like what if SRV records are not present, etc, then what
should go in krb5.conf and smb.conf?
Thanks,
Rajesh
Ralf Hornik Mailings wrote:
> Rajesh Ghanekar <rajesh_ghanekar at symantec.com> wrote:
>
>>> One idea to make an admin server HA in krb5.conf could be DNS round
>>> robin, as far as multiple admin server are really supported.
>>>
>> Does other points (#1 - #3) mentioned in my mail holds true or there
>> is still
>> some confusion from my side?
>
> Regarding
>
> http://www.informit.com/guides/content.aspx?g=security&seqNum=37
>
> kerberos libs should use nss (name service switch), but you can easyly
> figure it out by trying. ;-)
>
> When you have a working DNS with SRV records pointing g to your KDC
> you can simply move your krb5.conf and try a kinit to get credendials.
> This should work, when using DNS.
>
> However, you also might want to add some entries to nsswitch.conf like
>
> rpc: files dns
> services: files dns
>
> or something...
>
>
More information about the samba
mailing list