[Samba] Obtaining TGT using service principal name

Andrew Bartlett abartlet at samba.org
Mon Feb 3 19:32:04 MST 2014


On Mon, 2014-02-03 at 21:27 -0500, Bobby Kirchgessner wrote:
> Dear Andrew,
> 
> 
> Thanks for your reply, and hopefully you can help resolve my
> confusion. 
> 
> 
> I am using Samba4 on a virtual machine to handle my DNS/DC, with a
> FreeNAS server providing CIFS mounts to users on my network. I would
> like to handle permissions based on the DC users database, so I
> followed the guide here:
> http://doc.freenas.org/index.php/Directory_Services. In order to avoid
> storing my DC administrator password in the FreeNAS database, I opted
> to setup a keytab. The FreeNAS guide lists these commands for doing
> so:

While the admin password is used, it shouldn't be stored.  If you worry,
change it after you give it to FreeNAS.  

Samba, running on the FreeNAS, will be much happier with a machine
account it creates.

Andrew Bartlett

-- 
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team  http://samba.org
Samba Developer, Catalyst IT          http://catalyst.net.nz/services/samba






More information about the samba mailing list