[Samba] Fwd: Re: Samba4 and sssd, keytab file expires?

Alessandro Briosi tsdogs at briosix.org
Wed Dec 31 01:59:04 MST 2014

>> Even if I restart the service things don't change. The only solution I
>> have found so far is regenerating the keytab file.
>> It seems that the kerberos principal expires. Is this normal?
>> Funny thing is that on the 1st dc I am using sssd too and ssh logins
>> work as expected (no need to change the keytab file).
>> Anyone seen this before?

> Which pricipal expires?
> That tickets expire is built into Kerberos. I'm using nslcd and require
> k5start to refresh the principal. Could it be that you're runnining
> something like that on your 1st DC?

> Regards,
>   - lars.

That's what I was asking, is it really expiring?
Should the principal be refreshed, or is there a way to make it not 

I have followed the wiki [1], but there's no mention about principal 

Also the first dc (CentOS 6) is using sssd and it's principal seems to 
be working fine, no expiration.



More information about the samba mailing list