[Samba] samba4 ticket server cifs/ not found in keytab
listmail
mailinglist at northstate.net
Thu Apr 26 14:09:38 UTC 2018
On 2018-04-26 09:48, L.P.H. van Belle via samba wrote:
> Hai,
>
>> From your smb.
>> realm = AD.INTERNALTWO.COM
>> netbios name = nas1dev-rhel7
>> server string = nas1dev-rhel7
>
> Is i expect
> cifs/nas1dev-rhel7.ad.yourPrimaryDomain.tld at AD.INTERNALTWO.COM
> Check you hosts file and resolve.conf
>
> Like in what is the output of :
> hostname -I and hostname -A
>
the AD.INTERNALONE.COM is appended somehow when accessing
AD.INTERNALTWO.COM from the AD.INTERNALONE.COM domain -- then CIFS
ticket error occurs. the actual hostname of the samba server is
nas1dev-rhel7.
>
> For cifs kerberos tickets, add in krb5.conf the following lines.
>
> default_tgs_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac
> des-cbc-crc des-cbc-md5
> default_tkt_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac
> des-cbc-crc des-cbc-md5
> permitted_enctypes = aes256-cts-hmac-sha1-96 rc4-hmac des-cbc-crc
> des-cbc-md5
>
> That might help, then try again, you might need to restart the server
> first.
>
> And this is wrong.
> idmap config * : range = 1000000-1999999
> idmap config * : backend = tdb
> idmap config INTERNALTWO range = 1000000-1999999
> idmap config INTERNALTWO : backend = ads
> idmap config NAS1DEV-RHEL7 : range = 1000000-1999999
> idmap config NAS1DEV-RHEL7 : backend = tdb
>
> These range may not overlap.
> Review your setup smb.conf base on :
> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
More information about the samba
mailing list