[Samba] Is it EVER needed to set up kerberos manually if you use samba to join an ADS domain as a domain member?
Clayton Hill
chill at powerfile.com
Thu Apr 22 15:49:20 MDT 2010
Hi folks!
We finally have an answer to a question posted in 2009... and the answer
is: YES SET UP KERBEROS.
Here is the original thread:
http://www.pubbs.net/200910/samba/27283-samba-is-it-ever-needed-to-set-u
p-kerberos-manually-if-you-use-samba-to-join-an-ads-domain-as-a-domain-m
ember.html
Now here is the correct answer:
------------------------------------------------------------------------
--------
Just a quick experiment for you to try.
Logon to a samba member server that has joined a domain and run the
following:
This should show that we have no Kerberos ticket since we did not do a
kinit.
(This is because we used net ads join -U Administrator and joined the
domain only through the net ads function.)
#klist
Now query the domain and check the response
#net ads user
#net ads group
More information about the samba
mailing list