[Samba] NFSv4 / Krb / wildcard in keytab
smblist at rednsx.org
Thu Mar 31 13:41:54 UTC 2016
On Thu, 31 Mar 2016, Service Informatique IF wrote:
> The problem for us is to join computer automatically to Samba : Maybe
> you have a solution ? (without passwd)
It's not exactly without password, but if you are building your own
machines via kickstart or similar and just want to automate the join, you
can do a "net ads join -UAdministrator%password".
In theory you could do this with a kerberos keytab as well, using kinit
with the keytab file, then a "net join -k" (possibly "-k yes"), as
However, I seem to recall not being able to get "net join -k" to work last
time I tried. I'm also not sure that distributing keytabs for
adminsitrative accounts is any better than using a password.
> Or maybe if it's possible, create computer accounts in Samba with
> samba-tool user add ... and so, I could create computer keytab directly
> from Samba.
I suspect this may be possible, but I've never tried it. You would also
have to copy the keytab to the appropriate machines after creating them.
More information about the samba