[Samba] Samba and Kerberos
Mark Cogan
arcturus1966 at gmail.com
Wed Apr 27 17:08:49 UTC 2022
I've set this up in Linux 7 without issue, but we're running Rocky Linux 8
and cannot seem to get our MACos system to authenticate with Kerberos. It
just drops into asking for a password.
This is output from the log file when I attempt to connect:
[2022/04/27 13:01:07.656506, 2]
../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
Registered MSG_REQ_POOL_USAGE
[2022/04/27 13:01:07.656634, 3] ../../lib/util/access.c:372(allow_access)
Allowed connection from 132.250.114.93 (132.250.114.93)
[2022/04/27 13:01:07.807100, 2]
../../source3/lib/tallocmsg.c:84(register_msg_pool_usage)
Registered MSG_REQ_POOL_USAGE
[2022/04/27 13:01:07.807308, 3] ../../lib/util/access.c:372(allow_access)
Allowed connection from 132.250.114.93 (132.250.114.93)
It looks like it's getting the connection. Running klist shows the
connection at least attempted.
% klist
Ticket cache: KCM:12566
Default principal: cogan@<redacted>
Valid starting Expires Service principal
04/27/2022 12:02:49 04/28/2022 12:02:49 krbtgt/<redacted>
04/27/2022 12:03:28 04/28/2022 12:02:49 cifs/sherlock-hemlock.<redacted>
04/27/2022 12:04:03 04/28/2022 12:02:49 host/thig.<redacted>
04/27/2022 12:04:58 04/28/2022 12:02:49 host/maple.<redacted>
04/27/2022 12:24:59 04/28/2022 12:02:49 host/kermit.<redacted>
04/27/2022 12:42:48 04/28/2022 12:02:49 cifs/thig.<redacted>
THIG is the name of the system that is dropping down into password
request. Connection to sherlock-hemlock is working fine with the same
configuration, but Linux 7 variant.
It's like it sees the user, verifies the kerberos connection, but fails to
read the ticket.
- M
More information about the samba
mailing list