[Samba] Can't kinit SPN - Client not found in Kerberos database while getting initial credentials
Sam R
sr42354 at gmail.com
Thu Sep 16 10:09:16 UTC 2021
Hello to all,
I am trying to set up a GSSAPI connection for postfix smtp with cyrus SASL
and saslauthd.
I have two AD samba4 servers.
I am creating a keytab file for the smtp service but I am stuck.
To limit the possibilities I test directly the kinit command on the AD
server, but without success.... Here is the detail of what I do:
samba-tool user create --random-password postfixuser
samba-tool user setexpiry --noexpiry postfixuser
samba-tool spn add smtp/smtp.internaldom.name postfixuser
samba-tool domain exportkeytab /root/smtp.keytab --principal=smtp/
smtp.internaldom.name
kinit -V -k -t /root/smtp.keytab smtp/smtp.internaldom.name
Using default cache: /tmp/krb5cc_0
Using principal: smtp/smtp.internaldom.name at INTERNALDOM.NAME
Using keytab: /root/smtp.keytab
kinit: Client ' smtp/smtp.internaldom.name at INTERNALDOM.NAME ' not found in
Kerberos database while getting initial credentials
If anyone has a lead...
Thanks à lot.
Samuel
More information about the samba
mailing list