[Samba] Where is krb5.keytab or equivalent?
mathias dufresne
infractory at gmail.com
Mon Jun 27 09:18:39 UTC 2016
You can specify which principal you want in your keytab with samba-tool,
check the manual.
You can check which principal is in your keytab using klist: klist -k or
klist -ke /path/to/keytab
2016-06-27 9:09 GMT+02:00 Rowland penny <rpenny at samba.org>:
> On 27/06/16 04:27, Mark Foley wrote:
>
>> I am running Samba 4.1.23 as an AD/DC. It has been running file for more
>> than 1 1/2 years as a
>> AD/DC for mostly Windows workstations.
>>
>> I'm trying to setup Dovecot with gssapi authentication. The config needs
>> the location of the service
>> keys located in the keytab file. The default location it looks for is:
>>
>> /etc/krb5.keytab
>>
>> There is no such file there, nor is there a so-named file on the AD/DC at
>> all. I do find:
>>
>> /etc/samba/private/secrets.keytab
>> /etc/samba/private/dns.keytab
>>
>> Is one of these what I can use for the Dovecot required config?
>>
>> THX --Mark
>>
>>
> Hi, you don't get the /etc/krb5.keytab by default on a DC, you will need
> to create it:
>
> samba-tool domain exportkeytab /etc/krb5.keytab
>
> Rowland
>
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
More information about the samba
mailing list