[Samba] login via Samba 4 LDAP
steve
steve at steve-ss.com
Thu Dec 29 02:11:05 MST 2011
On 29/12/11 10:00, steve wrote:
> On 28/12/11 21:59, Bernd Markgraf wrote:
>>> You should create a user in AD for nss-ldap and extract a keytab for it
>>> (samba-tool domain exportkeytab --principal=....) and configure
>>> nss-ldap
>>> to use that keytab for authenticating. Most probably you aren't allowed
>>> to bind anonymously to your AD server (you can try with ldapsearch -x)
>> LDAP works with an anonymous bind. You need the Kerberos keytab for
>> authentication though.
>>
>
> steve at hh3:~> ldapsearch -x
> # extended LDIF
> #
> # LDAPv3
> # base <DC=hh3,DC=site> (default) with scope subtree
> # filter: (objectclass=*)
> # requesting: ALL
> #
>
> # search result
> search: 2
> result: 1 Operations error
> text: 00002020: Operation unavailable without authentication
>
> # numResponses: 1
>
>
>
> I found this usage:
>
> samba-tool export keytab PATH_TO_KEYTAB
>
> How can I find my PATH_TO_KEYTAB
> ?
> Thanks
Can't get the syntax right:
samba-tool domain exportkeytab /var/lib/named/master --principal
Usage: samba-tool domain exportkeytab <keytab> [options]
samba-tool domain exportkeytab: error: --principal option requires an
argument
More information about the samba
mailing list