[Samba] SAMBA 4.7.4 with MIT Keberos
Micha Ballmann
ballmann at uni-landau.de
Mon Jan 22 22:05:30 UTC 2018
There is a script in /etc/init.d/krb5-kdc". Do i need remove this? Because this is trying to start automatic krb5kdc at reboot.
Output from pstree and ps:
# pstree | grep samba
|-3*[samba]
|-samba-+-samba---samba---smbd-+-cleanupd
| |-10*[samba]
| |-samba---samba---krb5kdc
| `-samba---samba---winbindd---winbindd
# ps axf
2129 ? Ss 0:00 samba
2130 ? S 0:00 \_ samba
2132 ? S 0:00 | \_ samba
2135 ? Ss 0:00 | \_ /usr/local/samba/sbin/smbd -D --option=server role check:inhibit=yes --foreground
2155 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D --option=server role check:inhibit=yes --foreground
2156 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D --option=server role check:inhibit=yes --foreground
2157 ? S 0:00 | \_ /usr/local/samba/sbin/smbd -D --option=server role check:inhibit=yes --foreground
2131 ? S 0:00 \_ samba
2133 ? S 0:00 \_ samba
2134 ? S 0:00 \_ samba
2136 ? S 0:00 \_ samba
2137 ? S 0:00 \_ samba
2138 ? S 0:00 \_ samba
2141 ? S 0:00 | \_ samba
2143 ? S 0:00 | \_ /usr/sbin/krb5kdc -n
2139 ? S 0:00 \_ samba
2140 ? S 0:00 \_ samba
2147 ? S 0:00 | \_ samba
2148 ? Ss 0:00 | \_ /usr/local/samba/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
2159 ? S 0:00 | \_ /usr/local/samba/sbin/winbindd -D --option=server role check:inhibit=yes --foreground
2142 ? S 0:00 \_ samba
2144 ? S 0:00 \_ samba
2145 ? S 0:00 \_ samba
2146 ? S 0:00 \_ samba
Looks fine? But also got same error:
kinit: Cannot find KDC for realm "ROOTRUDI.DE" while getting initial credentials
THY
Micha
Am 22. Januar 2018 21:04:22 MEZ schrieb Micha Ballmann <ballmann at uni-landau.de>:
>Hello,
>
>i installed a SAMBA 4.7.4 AD Server on Ubuntu 18.04 (BETA). SAMBA4 was
>compiled from source. For MIT Keberos i also installed libkrb5-dev and
>krb5-kdc and compiled with the "--with-system-mitkrb5" option.
>
>The installation runs pretty good (some dependencies problem, solved
>manually). But now im not able to test kerberos:
>
># kinit administrator
>
>--> kinit: Cannot find KDC for realm "ROOTRUDI.DE" while getting
>initial
>credentials.
>
>I followed all steps from samba.org:
>
>-
>https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC
>
>-
>https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
>--> hanging on "Verifying Kerberos"
>
>
># vim /usr/local/samba/private/kdc.conf
>-------------------------------------------------
>[kdcdefaults]
> kdc_ports = 88
> kdc_tcp_ports = 88
> kadmind_port = 464
>
>[realms]
> ROOTRUDI.DE = {
> }
>
> rootrudi.de = {
> }
>
> ROOTRUDI = {
> }
>
>[dbmodules]
> db_module_dir = /usr/local/samba/lib/krb5/plugins/kdb
>
> ROOTRUDI.DE = {
> db_library = samba
> }
>
> rootrudi.de = {
> db_library = samba
> }
>
> ROOTRUDI = {
> db_library = samba
> }
>
>[logging]
> kdc = FILE:/usr/local/samba/var/mit_kdc.log
> admin_server = FILE:/usr/local/samba/var/mit_kadmin.log
>-------------------------------------------------
>
># vim /etc/krb5.conf
>-------------------------------------------------
>[libdefaults]
> default_realm = ROOTRUDI.DE
> dns_lookup_realm = false
> dns_lookup_kdc = true
>-------------------------------------------------
>
>What does it mean in
>https://wiki.samba.org/index.php/Running_a_Samba_AD_DC_with_MIT_Kerberos_KDC:
>
>"Do not start the krb5kdc" manually"
>
>Best regards
>Micha
--
Diese Nachricht wurde von meinem Android-Gerät mit K-9 Mail gesendet.
More information about the samba
mailing list