[Samba] Keytabs (obviously) not valid after password change
steve at steve-ss.com
Tue Aug 19 03:59:37 MDT 2014
On Mon, 2014-08-18 at 19:39 -0300, George wrote:
> On Sun, Aug 17, 2014 at 6:57 PM, steve <steve at steve-ss.com> wrote:
> > Yes:
> > kerberos method = system keytab
> > The default is secrets only.
> > The easiest way to set the correct keytab is to use the line above and
> > the keytab will be created on domain join via net ads. If you've already
> > joined, add the line and use net ads keytab create.
> Ok! That's why the keytab is not expiring then. Thanks for the tip!
> Best regards!
Just in case this is used for reference, it is not a case of expiring.
The keytab that is produced upon domain join or via the net command is
not updated unless by manual intervention.
More information about the samba