[Samba] should realmd create all the keytabs @AD DC ?
Rowland penny
rpenny at samba.org
Mon Jun 6 10:26:31 UTC 2016
On 06/06/16 10:52, lejeczek wrote:
> hi users
>
> I'm trying:
>
> $ realm join ...
>
> and I see that keytabs are not ok, I think, right?
>
> >setspn -L dzien
> Registered ServicePrincipalNames for CN=DZIEN,OU=private,DC=my,DC=dom
> te,DC=cam,DC=ac,DC=uk:
> HOST/dzien.private.my.dom
> HOST/DZIEN
>
> seems to me that @AD.MY.DOM is missing?
>
> is this expected behavior and missing keytabs should be added manually?
>
> many thanks,
>
> L.
>
>
No idea if realmd is working correctly, it is not part of Samba, Samba
uses 'net ads join' and, if you have the required lines in smb.conf, the
keytab & SPNs get created for you.
What I can say is, if I run 'ktutil' on a client, every line in the
keytab ends in '@SAMDOM.EXAMPLE.COM'
Rowland
More information about the samba
mailing list