[Samba] Samba4 kinit issue with principal and keytab file

Rowland Penny rowlandpenny at googlemail.com
Thu Feb 12 07:41:53 MST 2015

On 12/02/15 13:39, Olivier BILHAUT wrote:
> Hi Rowland,
> Yes, I read this documentation carefully. I have two
> working Apache2 with kerberos authentication working.
> My question is
> more about troubleshooting a keytab. If I need to test manually a keytab
> file chalenging a specific principal, what's the prefered method ?
> I
> thougt that a kinit could be done using a principal name, but I am
> unable to kinit with somehting else than the user at REALM
> Any help ?
> Thanks.
> Olivier

OK, you have an AD user called 'kerbuser'

You have created a keytab for your user

Now when you run kinit, you need to specify what cache to use:

kinit -k -t /etc/my.keytab -c /tmp/kerbuser.krb5cc kerbuser


More information about the samba mailing list