[Samba] creating Kerberos host principals for multiple hostnames, multihomed server
John Wyzer
john.wyzer at gmx.de
Thu Mar 5 15:37:55 MST 2015
Hi!
I maintain Linux servers that are members of a Samba4 Domain.
User authentication / login via ssh works fine with Kerberos.
But: only via one hostname.
Those machines need a working Kerberos login via multiple hostnames
(each hostname has its own IP address and DNS is set up correctly.)
"net ads keytab list" of course gives me the main hostname that was in
use when joining the domain (host/my-server at MY.REALM.COM).
With "net ads keytab add" I can only add service principals without
specifying the FQDN of the desired principal.
Is there a way for me to add a "host/my-server2 at MY.REALM.COM" principal
to the machines' keytab?
I'm very much out of ideas and have searched all the mailing lists'
archives to no avail :-(
Best regards and many thanks for any help!
John
More information about the samba
mailing list