[Samba] self compiled samba domain member, jessie, pam config
Rowland Penny
rowlandpenny241155 at gmail.com
Mon Oct 26 21:13:50 UTC 2015
On 26/10/15 21:01, mourik jan c heupink wrote:
> Hi,
>
> I have the keytab file, it just seems that:
>
> "technically "secrets and keytab" means that samba uses both the
> internal secrets and system keytab file for keytab storage. secrets is
> in memory (so this works even if changing uid). keytab on the other
> hand is only opened when needed."
>
> So I have the keytab, I just needed to chmod g+r for it to be readable
> after "winbindd forks, changes to the uid of the user that is logging
> in."
>
> Both quotes above are from the samba bugreport.
> (https://bugzilla.samba.org/show_bug.cgi?id=10490)
>
> And about your line
> > winbind refresh tickets = Yes # <-- do you have this line
> Yes I do. I pretty much took the domain member server smb.conf from
> the wiki.
>
> MJ
>
> On 26-10-2015 21:46, Rowland Penny wrote:
>>
>> If you don't have the keytab, try leaving the domain and re-joining,
>> this should create the keytab, if you do have the keytab, remove it
>> then, leave and re-join.
>
Weird, I have never had Problems (and if I start having them now, I am
going to blame you :-) ) and this is my keytab permissions:
ls -la /etc/krb5.keytab
-rw------- 1 root root 1732 Oct 14 19:46 /etc/krb5.keytab
Rowland
More information about the samba
mailing list