[Samba] SAMBA4 kinit fails
Andrew Bartlett
abartlet at samba.org
Wed Sep 8 23:30:44 MDT 2010
On Mon, 2010-09-06 at 01:33 -0400, rajat swarup wrote:
> On Mon, Sep 6, 2010 at 12:54 AM, Neil Balchin <neil at neilandjo.com> wrote:
> > I've tried that, i ran
> >
> > cp /usr/local/samba/private/krb5.conf /etc/krb5.conf
> >
> > contents of /etc/krb5.conf
> > are
> > ......
> >
> > [libdefaults]
> > default_realm = MYDOMAIN.COM
> > dns_lookup_realm = false
> > dns_lookup_kdc = false
> > ticket_lifetime = 24h
> > forwardable = yes
> >
> > [realms]
> > MYDOMAIN.COM = {
> > kdc = pdc.mydomain.com:88
> > admin_server = pdc.mydomain.com:749
> > default_domain = mydomain.com
> > }
> >
> > [domain_realm]
> > .mydomain.com = MYDOMAIN.COM
> > mydomain.com = MYDOMAIN.COM
> >
>
> Change the contents of /etc/krb5.conf to
> [libdefaults]
> dns_lookup_realm = true
> dns_lookup_kdc = true
>
> Even though the system is using DNS kerberos doesn't use DNS due to
> the settings that you've configured.
I'll fix up the defaults here - they are indeed incorrect.
Sorry for the bother!
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Cisco Inc.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 190 bytes
Desc: This is a digitally signed message part
URL: <http://lists.samba.org/pipermail/samba/attachments/20100909/6f9c847b/attachment.pgp>
More information about the samba
mailing list