[Samba] TKEY is unacceptible [SEC=UNOFFICIAL]
steve
steve at steve-ss.com
Mon Jul 21 00:32:32 MDT 2014
On Mon, 2014-07-21 at 03:16 +0000, Thamm, Russell wrote:
>
> I concluded that the dns account should be dns-sambabox and not the current dns-sambabox.MyDomain.local
>
> samba-tool spn list dns-sambabox.mydomain.local returns a spn of
> DNS/SAMBABOX.MyDomain.local.mydomain.local.
Hi
Kerberos appends the domain name to the hostname, so you have
either /etc/hostname, /etc/hosts or /etc/resolv.conf wrong. Or, maybe
all three. In your case, hostname is returning fqdn which is why you
have the wrong keys.
hostname
hostname -f
hostname -s
and
hostname -d
must be perfect before you provision or join.
But in any case, you cannot use a .local domain.
Cheers,
Steve
More information about the samba
mailing list