[Samba] Samba/Kerberos setup - how to enable alternative UPN
Mgr. Peter Tuharsky
tuharsky at misbb.sk
Fri Jun 30 08:09:16 UTC 2017
Hi all,
I have W2k8 AD and I need to join Samba fileserver.
Since I'm new to the topic, I'm following a howto, and it says I must
first make Kerberos authenticate users and only then start configuring
Samba. But I cannot get over the Kerberos setup.
The domain is named like ad.domain.com but there is alternative UPN
Suffix so that users are represented by UPN such as user at domain.com
I'm unable to explain this to Kerberos. kinit is able to authenticate
user with full domain name, such as user at AD.DOMAIN.COM
but unable for user at DOMAIN.COM
(kinit: Cannot find KDC for realm "DOMAIN.COM" while getting initial
credentials)
Please, does anybody have experience with such setup? I have googled
over, but haven't found a working solution yet.
More information about the samba
mailing list