[Samba] kerberos configuration in samba

[Ralf Hornik Mailings]

Rajesh Ghanekar <rajesh_ghanekar at symantec.com> wrote:

> Hi Ralf,
>  Thanks for the help. But I was asking if all 4 points mentioned in my mail
> are correct or not, like what if SRV records are not present, etc, then what
> should go in krb5.conf and smb.conf?

Im not clear, what you are asking for. All points 1 - 3 are true.

Point 1 and 3. Have you got a working DNS? So getting kerberos  
credendials works without any krb5.conf (testet 1 minute before). (You  
only have to attach the kerberos realm when kinit e.g. "kinit  
user at REALM.ORG").

If not you have to set krb5.conf like:

[libdefaults]
         default_realm = REALM.ORG
[realms]
         REALM.ORG = {
                 kdc = master.realm.org:88
                 kdc = slave.realm.org:88
                 admin_server = master.realm.org:749
                 default_domain = realm.org
         }
[domain_realm]
         .realm.org = REALM.ORG
         realm.org = REALM.ORG

Point 2. This is explained by itself and correct.