[Samba] Keytabs (obviously) not valid after password change
steve
steve at steve-ss.com
Tue Aug 19 03:59:37 MDT 2014
On Mon, 2014-08-18 at 19:39 -0300, George wrote:
> On Sun, Aug 17, 2014 at 6:57 PM, steve <steve at steve-ss.com> wrote:
>
> > Yes:
> > kerberos method = system keytab
> >
> > The default is secrets only.
> >
> > The easiest way to set the correct keytab is to use the line above and
> > the keytab will be created on domain join via net ads. If you've already
> > joined, add the line and use net ads keytab create.
> >
>
> Ok! That's why the keytab is not expiring then. Thanks for the tip!
>
> Best regards!
>
> George
Just in case this is used for reference, it is not a case of expiring.
The keytab that is produced upon domain join or via the net command is
not updated unless by manual intervention.
Cheers,
Steve
More information about the samba
mailing list