[Samba] Kerberos authentication issue after upgrading from 4-14-stable to 4-15-stable

Rowland Penny rpenny at samba.org
Fri Jan 28 11:57:00 UTC 2022

On Fri, 2022-01-28 at 12:30 +0100, L.P.H. van Belle via samba wrote:
> Hai
> That looks very nice. Well done :-) 
> I see usefull things in this for our network (future changes).. 
> I have only few questions on this. 
> This line: 
> sudo apt install nslcd nslcd-utils libnss-ldapd libpam-ldapd
> libsasl2-modules-gssapi-heimdal
> To be added in "code" (i already did this )
> Its obligated to set UID/GIDS? Like, this does not work with a member
> RID setup? 

No, it will not work with the 'rid' backend, or rather, you will get
different ID's. It works by doing ldap lookups into AD, so you need
UidNumber attributes in AD.

> This one: krb5_ccname /tmp/nslcd.tkt
> After a reboot thats going, any objection to set that to /var/tmp  ? 

I cannot see any reason why not, you just need to change all mention of
/tmp/nslcd.tkt to /var/tmp/nslcd.tkt


More information about the samba mailing list