[Samba] KRB5 pam_winbind using KEYRING does not work
Rowland Penny
rpenny at samba.org
Wed Oct 29 17:24:40 UTC 2025
On Wed, 29 Oct 2025 08:32:44 +0100
Rainer Meier via samba <samba at lists.samba.org> wrote:
>
> > So It works for myself on two different distros (and without
> > libpam-krb5).
> > So it looks like it is an Arch problem.
>
> OK, I will have to go through so me more testing.
> In regards to ARCH installation. I am actually also using EndeavourOS
> (EOS) on my side. It's very quick to install and providing quite
> "pure" ARCH Linux experience. Manjaro might be just as good.
>
> I don't want to waste more of your time. Thanks for tracking it down
> on other distros. I will do some more testing on ARCH and potential
> other platforms before coming back here.
>
> Thank you!
>
> Rainer
>
I now know what is happening, but not why.
If I log into a Debian computer, I get a kerberos ticket, the
'KRB5CCNAME' is set in 'env' and klist shows the ticket. None of that
occurs on EndeavourOS (yes I managed to install it), but if you run
'kinit' you get a ticket. I have no idea why it doesn't work like
Debian (presumably RL10 works the same, but I haven't checked).
Rowland
More information about the samba
mailing list