[Samba] nslcd service - "Client not found in Kerberos database"

steve steve at steve-ss.com
Mon Jul 16 08:35:52 MDT 2012


On 16/07/12 15:18, Quinn Plattel wrote:
> Steve,
>
> An alternate workaround to steps 3,4,5 is to do the following:
> 3: samba-tool domain exportkeytab /etc/krb5.keytab --principal=nslcd-service
> 4: edit /etc/default/nslcd and add the line:
> K5START_PRINCIPAL="nslcd-service"
> 5: start nslcd with "service nslcd start"

Hi
Thanks. That's a nice method.

We prefer the separate keytab as it helps readability. With everything 
in /etc/krb5.conf it can get difficult to debug later on.

BTW, there is a newer nslcd/pam/ldapd available which screams:
http://arthurdejong.org/nss-pam-ldapd/nss-pam-ldapd-0.8.10.tar.gz
and an ubuntu package of it:
http://packages.ubuntu.com/quantal/libnss-ldapd

Cheers,
Steve



More information about the samba mailing list