[Samba] Samba4 and keytabs
Michael Wood
esiotrot at gmail.com
Mon May 3 12:45:36 MDT 2010
On 3 May 2010 17:33, Jussi Vainionpää <jussinsambalist at vainionpaa.net> wrote:
> Hello,
>
> I installed Samba4 according to the HOWTO. The provisioning created a user
> (dns) and a keytab for DNS updates, but the service principal in the keytab
> seems to be wrong for me (the domain name instead of ns1.domainname).
>
> What would be the correct way of changing / adding service principals
> associated with a user and re-generating the keytab?
>
> I got the dns updates working by adding a new user with ADUC and creating
> the keytab with ktpass on a windows machine joined to the domain, but that
> seems unnecessarily complicated and results in a keytab with different
> encryption methods compared to the one created by provision.
>
> Besides dns, service principals and keytabs are needed also for a bunch of
> other services (imap, smtp, http); would the same methods apply?
It looks like the source4/setup/spn_update_list file contains the list
of principles.
I haven't dug around enough to know what the proper way is to do what you need.
I suspect you will get more help with this on the samba-technical list.
--
Michael Wood <esiotrot at gmail.com>
More information about the samba
mailing list