[Samba] Key table name malformed

mj lists at merit.unu.edu
Wed Apr 5 06:30:08 UTC 2017 

Hi Louis,

On 04/05/2017 07:51 AM, L.P.H. van Belle via samba wrote:
> Yes, post the complete smb.conf.. when what os your running.
> Then we can have a look better whats going on.
>
> Greetz,
>
> Louis

Here is the smb.conf for the debian 8.7 domain member server running 
samba 4.6.1:
> root at processing:~# cd /etc/samba/
> root at processing:/etc/samba# cat smb.conf
> [global]
>
> netbios name = processing
> workgroup = WKRGRP
> security = ADS
> realm = SAMBA.COMPANY.COM
>
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> winbind refresh tickets = yes
> winbind use default domain = yes
> winbind enum users  = yes
> winbind enum groups = yes
>
> idmap config *:backend = tdb
> idmap config *:range = 1000000-1000999
> idmap config INTECH:backend = ad
> idmap config INTECH:schema_mode = rfc2307
> idmap config INTECH:range = 500-999999
> idmap config INTECH:unix_nss_info = yes
>
> winbind nss info = rfc2307
>
> log level = 3

Here is smb.conf for the DC2, running samba 4.5.6 on debian 7.11:
> root at DC2:~# cat /etc/samba/smb.conf
> # Global parameters
> [global]
> 	workgroup = WKRGRP
> 	realm = samba.company.com
> 	netbios name = DC2
> 	server role = active directory domain controller
> 	dns forwarder = 192.65.132.5
>       allow dns updates = nonsecure
>
>       server signing = mandatory
>       ntlm auth = yes
>       ldap server require strong auth = no
> 	printing = bsd
> 	log level = 3
>       idmap_ldb:use rfc2307 = yes
>
>
> [netlogon]
> 	path = /var/lib/samba/sysvol/samba.company.com/scripts
> 	read only = No
>
> [sysvol]
> 	path = /var/lib/samba/sysvol
> 	read only = No
>       acl_xattr:ignore system acls = yes

This domain seems to be mostly running fine for some years, ever since 
samba 4.1.16 or so.

I realise that my realm on the DC is written in lower case. However 
testparm shows it uppercase, and everyting has always been running good, 
that why I was afraid to change it to capitals. It's lower case ONLY in 
the smb.conf on the three the DCs. Everywhere else in caps.

Ideas?

More information about the samba mailing list