[Samba] Fwd: kerberos
Gémes Géza
geza at kzsdabas.hu
Sat Mar 9 22:57:51 MST 2013
2013-03-09 15:49 keltezéssel, Saad Benateigha írta:
> Sorry
>
> ----- Forwarded Message -----
>
> From: "Saad Benateigha" <sbenateigha at geomega.com>
> To: "Andrew Bartlett" <abartlet at samba.org>
> Sent: Friday, March 8, 2013 4:09:36 PM
> Subject: Re: [Samba] kerberos
>
>
> Andrew:
> I have found some information in the Samba and beyond
> And this what I did
> # samba-tool user create postgres-servername
> # samba-tool spn add postgres/servername.domain_name at REALM postgres-servername
>
> The following command:
> # samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name at REALM
>
> generates the following exception
>
> ERROR(runtime): uncaught exception - Key table entry not found
> File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run
> return self.run(*args, **kwargs)
> File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 103, in run
> net.export_keytab(keytab=keytab, principal=principal)
>
> What did I do?
>
> Saad
>
> ----- Forwarded Message -----
>
> From: "Saad Benateigha" <sbenateigha at geomega.com>
> To: "Ricky Nance" <ricky.nance at weaubleau.k12.mo.us>
> Sent: Friday, March 8, 2013 1:08:34 PM
> Subject: Re: [Samba] kerberos
>
>
> Thank you for that
> I was wondering if anyone has created a service principle for postgresql?
>
> S.
>
> ----- Forwarded Message -----
>
> From: "Ricky Nance" <ricky.nance at weaubleau.k12.mo.us>
> To: "Andrew Bartlett" <abartlet at samba.org>
> Cc: "Saad Benateigha" <sbenateigha at geomega.com>, samba at lists.samba.org
> Sent: Friday, March 8, 2013 5:37:36 AM
> Subject: Re: [Samba] kerberos
>
>
> https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help.
>
>
>
> Ricky
>
>
>
> On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett < abartlet at samba.org > wrote:
>
>
>
> On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote:
>> I am having a problem using kerberos
>>
>> I have installed samba4, and it appears to work correctly
>> However I want to create a service principle
>> and every time I try to use
>> kadmin -p admin
>> I get this error:
>> Database error! Required KADM5 principal missing while initializing kadmin interface
>>
>> What am I doing wrong?
>> Is there another command since Samba4 has it own kerberos?
>> Please shed some light on my dilemma.
> Correct, you cannot use kamin against a Samba AD DC. We do not provide
> this interface.
>
> See samba-tool to managet your AD users.
>
> Andrew Bartlett
>
Hi,
Just out of memory:
Have you tried:
samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name
without the @REALM part?
Regards
Geza Gemes
More information about the samba
mailing list