[Samba] Fwd: kerberos

Saad Benateigha sbenateigha at geomega.com
Sat Mar 9 07:49:59 MST 2013 

Sorry 

----- Forwarded Message -----

From: "Saad Benateigha" <sbenateigha at geomega.com> 
To: "Andrew Bartlett" <abartlet at samba.org> 
Sent: Friday, March 8, 2013 4:09:36 PM 
Subject: Re: [Samba] kerberos 


Andrew: 
I have found some information in the Samba and beyond 
And this what I did 
# samba-tool user create postgres-servername 
# samba-tool spn add postgres/servername.domain_name at REALM postgres-servername 

The following command: 
# samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name at REALM 

generates the following exception 

ERROR(runtime): uncaught exception - Key table entry not found 
File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run 
return self.run(*args, **kwargs) 
File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 103, in run 
net.export_keytab(keytab=keytab, principal=principal) 

What did I do? 

Saad 

----- Forwarded Message -----

From: "Saad Benateigha" <sbenateigha at geomega.com> 
To: "Ricky Nance" <ricky.nance at weaubleau.k12.mo.us> 
Sent: Friday, March 8, 2013 1:08:34 PM 
Subject: Re: [Samba] kerberos 


Thank you for that 
I was wondering if anyone has created a service principle for postgresql? 

S. 

----- Forwarded Message -----

From: "Ricky Nance" <ricky.nance at weaubleau.k12.mo.us> 
To: "Andrew Bartlett" <abartlet at samba.org> 
Cc: "Saad Benateigha" <sbenateigha at geomega.com>, samba at lists.samba.org 
Sent: Friday, March 8, 2013 5:37:36 AM 
Subject: Re: [Samba] kerberos 


https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help. 



Ricky 



On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett < abartlet at samba.org > wrote: 



On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote: 
> I am having a problem using kerberos 
> 
> I have installed samba4, and it appears to work correctly 
> However I want to create a service principle 
> and every time I try to use 
> kadmin -p admin 
> I get this error: 
> Database error! Required KADM5 principal missing while initializing kadmin interface 
> 
> What am I doing wrong? 
> Is there another command since Samba4 has it own kerberos? 
> Please shed some light on my dilemma. 

Correct, you cannot use kamin against a Samba AD DC. We do not provide 
this interface. 

See samba-tool to managet your AD users. 

Andrew Bartlett 

-- 
Andrew Bartlett http://samba.org/~abartlet/ 
Authentication Developer, Samba Team http://samba.org 




-- 
To unsubscribe from this list go to the following URL and read the 
instructions: https://lists.samba.org/mailman/options/samba 






--

More information about the samba mailing list