I suspect I might be grossly misunderstanding kerberos and AD here, but I cant seem to grok the following.
net ads join integrates my linux samba server (named foundry) into an AD domain and all works fine. The samba server is using the kerberos keytab. [EMAIL PROTECTED]:~ # kinit -k -t /etc/krb5.keytab foundry$ [EMAIL PROTECTED]:~ # kinit -k -t /etc/krb5.keytab host/foundry.example.local kinit(v5): Client not found in Kerberos database while getting initial credentials Why can't kinit find the service host/foundry.example.local in the AD Kerberos database? It seems to be in the local linux server keylist: [EMAIL PROTECTED]:~ # klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 2 host/[EMAIL PROTECTED] 2 host/[EMAIL PROTECTED] .... cut ... What am I missing here? Thanks, Bradley -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba