[Samba] Samba 4 krb5.keytab confusion
esiotrot at gmail.com
Mon Jan 9 04:12:28 MST 2012
On 9 January 2012 12:56, steve <steve at steve-ss.com> wrote:
> On 01/09/2012 11:50 AM, Michael Wood wrote:
>> On 9 January 2012 12:34, steve<steve at steve-ss.com> wrote:
>>> On 01/09/2012 09:47 AM, Gémes Géza wrote:
>>>>> samba-tool user add steve4
>>>>> (the spn stuff you mention doesn't seem to be needed?)
>>>>> samba-tool domain exportkeytab /etc/krb5.keytab --principal=steve4
>>>> You don't need the last step (see before).
>>> OK, I'm understanding this a little more. So how can I remove steve4 from
>>> the keytab?
>> Don't bother trying to do that. Just create a new keytab file with
>> only the relevant stuff for NFS in it.
> Rename the keytab, touch /etc/krb5.keytab to start with a blank keytab and
> add only the nfs principal? What about all the other stuff about cifs and
> host that are in there. Are they not needed?
"samba-tool domain exportkeytab" creates a new keytab file, so no need
to create an empty file. i.e. you would not be "adding" only the NFS
principal. You would be creating a new keytab file with only the NFS
principal in it.
As for the other things in the keytab, I can't say off hand whether or
not you need them, but I suspect not.
Michael Wood <esiotrot at gmail.com>
More information about the samba