[Samba] samba4 ticket server cifs/ not found in keytab
listmail
mailinglist at northstate.net
Thu Apr 26 15:55:50 UTC 2018
On 2018-04-26 10:17, listmail via samba wrote:
> On 2018-04-26 09:59, Rowland Penny via samba wrote:
>
>> I think you need to read this wiki page:
>>
>> https://wiki.samba.org/index.php/Setting_up_Samba_as_a_Domain_Member
>
> I wont argue you that, I inherited this config and only know enough
> about samba to be dangerous ;)
>
>
>> Finally, the error message is telling you that 'nas1dev.external.com'
>> needs an SPN and this also needs to be in /etc/krb5.keytab
>>
>
> What I want to understand it why I need this SPN when accessing this
> host from windows client in another domain, but when I access from IP
> or from Linux to DNS this isn't an issue. Also I am not sure how i
> add a SPN for a domain it is not a member of (in this case
> AD.INTERNALONE). He is a member of AD.INTERNALTWO.
>
> Thanks for the feedback
>
> - Richie
I am still verifying, but I believe I have solved this with:
net ads keytab add host/nas1dev-rhel7.external.com at AD.INTERNALTWO.COM -U
<admin account>
The support and feedback on config issues is highly appreciated.
More information about the samba
mailing list