[Samba] Linux client of the domain - SSSD : authenticating via Kerberos

Rowland Penny rowlandpenny at googlemail.com
Fri Dec 20 08:59:15 MST 2013


On 20/12/13 14:00, steve wrote:
> On Fri, 2013-12-20 at 14:40 +0100, Cyril wrote:
>> Le 20/12/2013 14:19, steve a écrit :
>>> On Fri, 2013-12-20 at 10:37 +0100, Cyril wrote:
>>>
>>>> kinit myserver$@SUBDOMAIN.DOMAIN.FR
>>>> It also ask me a password but the admin's one doesn't work.
>>>>
>>> Eh? You don't need a password. You already have the key!
>>> kinit -k -t /etc/krb5.sssd.keytab myserver$
>>>
>>> Could you post the output of that command?
>>>
>> That give me nothing. No error, no warning.
>> It didn't ask me anypassword
>>
> OK. So it worked.
>>>> Am-I suppose to create this principal myserver$@SUBDOMAIN.DOMAIN.FR
>>>> first before generating the keytab on the DC ?
>>>>
>>> You already have the principal. It was created when you joined the
>>> machine to the domain.
>> Ho, you mean joining the myserver machine !
>>
> No, I'm sorry. The post crossed. I now know that the machine is not
> joined to the domain using samba. You do somehow however, have a key for
> the machine.
>
> And, from your other posts, your domain users can now authenticate on
> the Linux client.
>
> Cheers,
> Steve
>
>
OK, seeing as how it is Christmas, here is how to get libpam-pwquality 
on Ubuntu precise, using the packages from Saucy ;-)

x86:
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/universe/libp/libpwquality/libpam-pwquality_1.2.3-1_i386.deb
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/main/libp/libpwquality/libpwquality1_1.2.3-1_i386.deb
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/main/libp/libpwquality/libpwquality-common_1.2.3-1_all.deb

sudo dpkg -i libpwquality-common_1.2.3-1_all.deb
sudo apt-get install libcrack2
sudo dpkg -i libpwquality1_1.2.3-1_i386.deb
sudo dpkg -i libpam-pwquality_1.2.3-1_i386.deb

x86_64:
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/universe/libp/libpwquality/libpam-pwquality_1.2.3-1_amd64.deb
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/main/libp/libpwquality/libpwquality1_1.2.3-1_amd64.deb
wget 
http://fr.archive.ubuntu.com/ubuntu/pool/main/libp/libpwquality/libpwquality-common_1.2.3-1_all.deb

sudo dpkg -i libpwquality-common_1.2.3-1_all.deb
sudo apt-get install libcrack2
sudo dpkg -i libpwquality1_1.2.3-1_amd64.deb
sudo dpkg -i libpam-pwquality_1.2.3-1_amd64.deb

and there you go!

Rowland


More information about the samba mailing list