[Samba] Winbind + sernet Samba4 + CentOS 6.5 + AD

Rowland Penny rowlandpenny at googlemail.com
Thu Aug 28 07:50:41 MDT 2014


On 28/08/14 14:38, L.P.H. van Belle wrote:
> add : these lines to your smb.conf stop and start samba and klist -e again.
>
>     dedicated keytab file = /etc/krb5.keytab
>     kerberos method = secrets and keytab
>     client signing = if_required
>
>
>> -----Oorspronkelijk bericht-----
>> Van: sgmorale at ringling.edu
>> [mailto:samba-bounces at lists.samba.org] Namens Stephen Garcia
>> Verzonden: donderdag 28 augustus 2014 15:11
>> Aan: steve
>> CC: samba at lists.samba.org
>> Onderwerp: Re: [Samba] Winbind + sernet Samba4 + CentOS 6.5 + AD
>>
>> klist -k
>> Keytab name: FILE:/etc/krb5.keytab
>> klist: No such file or directory while starting keytab scan
>>
>>
>> Well, that's something, but strange seeing as kinit does not
>> give me any
>> errors that I'm aware of.
>>
>> -Stephen
>>
>> Stephen E. Garcia-Morales
>> sgmorale at ringling.edu
>> Ringling College of Art and Design
>> .'. Nosce Te Ipsvm .'.
>>
>>
>> On Thu, Aug 28, 2014 at 8:58 AM, steve <steve at steve-ss.com> wrote:
>>
>>> On Thu, 2014-08-28 at 08:42 -0400, Stephen Garcia wrote:
>>>> Hi Steve,
>>>>
>>>>
>>>> Here is the smb.conf. as far as I know it is correct, but then
>>>> again...
>>>>
>>>>
>>>> ===============
>>>>
>>>> [global]
>>>>
>>>>
>>>>     netbios name = whost
>>>>     workgroup = DOMAIN
>>>>     security = ADS
>>>>     realm = DOMAIN.RINGLING.EDU
>>>>     encrypt passwords = yes
>>>>
>>>>
>>>>     idmap config *:backend = tdb
>>>>     idmap config *:range = 70001-80000
>>>>     idmap config DOMAIN:backend = ad
>>>>     idmap config DOMAIN:schema_mode = rfc2307
>>>>     idmap config DOMAIN:range = 500-40000
>>>>
>>>>
>>>>     winbind nss info = rfc2307
>>>>     winbind trusted domains only = no
>>>>     winbind use default domain = yes
>>>>     winbind enum users  = yes
>>>>     winbind enum groups = yes
>>> klist -k
>>> Anything?
>>>
>>>
>>>
>> -- 
>> To unsubscribe from this list go to the following URL and read the
>> instructions:  https://lists.samba.org/mailman/options/samba
>>
>>
You also need to add:

winbind refresh tickets = true

Rowland


More information about the samba mailing list