[Samba] Winbind + sernet Samba4 + CentOS 6.5 + AD
Rowland Penny
rowlandpenny at googlemail.com
Thu Aug 28 07:50:41 MDT 2014
On 28/08/14 14:38, L.P.H. van Belle wrote:
> add : these lines to your smb.conf stop and start samba and klist -e again.
>
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> client signing = if_required
>
>
>> -----Oorspronkelijk bericht-----
>> Van: sgmorale at ringling.edu
>> [mailto:samba-bounces at lists.samba.org] Namens Stephen Garcia
>> Verzonden: donderdag 28 augustus 2014 15:11
>> Aan: steve
>> CC: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Winbind + sernet Samba4 + CentOS 6.5 + AD
>>
>> klist -k
>> Keytab name: FILE:/etc/krb5.keytab
>> klist: No such file or directory while starting keytab scan
>>
>>
>> Well, that's something, but strange seeing as kinit does not
>> give me any
>> errors that I'm aware of.
>>
>> -Stephen
>>
>> Stephen E. Garcia-Morales
>> sgmorale at ringling.edu
>> Ringling College of Art and Design
>> .'. Nosce Te Ipsvm .'.
>>
>>
>> On Thu, Aug 28, 2014 at 8:58 AM, steve <steve at steve-ss.com> wrote:
>>
>>> On Thu, 2014-08-28 at 08:42 -0400, Stephen Garcia wrote:
>>>> Hi Steve,
>>>>
>>>>
>>>> Here is the smb.conf. as far as I know it is correct, but then
>>>> again...
>>>>
>>>>
>>>> ===============
>>>>
>>>> [global]
>>>>
>>>>
>>>> netbios name = whost
>>>> workgroup = DOMAIN
>>>> security = ADS
>>>> realm = DOMAIN.RINGLING.EDU
>>>> encrypt passwords = yes
>>>>
>>>>
>>>> idmap config *:backend = tdb
>>>> idmap config *:range = 70001-80000
>>>> idmap config DOMAIN:backend = ad
>>>> idmap config DOMAIN:schema_mode = rfc2307
>>>> idmap config DOMAIN:range = 500-40000
>>>>
>>>>
>>>> winbind nss info = rfc2307
>>>> winbind trusted domains only = no
>>>> winbind use default domain = yes
>>>> winbind enum users = yes
>>>> winbind enum groups = yes
>>> klist -k
>>> Anything?
>>>
>>>
>>>
>> --
>> To unsubscribe from this list go to the following URL and read the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
You also need to add:
winbind refresh tickets = true
Rowland
More information about the samba
mailing list