Re: [Samba] Fwd: kerberos
2013-03-09 15:49 keltezéssel, Saad Benateigha írta: Sorry - Forwarded Message - From: "Saad Benateigha" To: "Andrew Bartlett" Sent: Friday, March 8, 2013 4:09:36 PM Subject: Re: [Samba] kerberos Andrew: I have found some information in the Samba and beyond And this what I did # samba-tool user create postgres-servername # samba-tool spn add postgres/servername.domain_name@REALM postgres-servername The following command: # samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name@REALM generates the following exception ERROR(runtime): uncaught exception - Key table entry not found File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 103, in run net.export_keytab(keytab=keytab, principal=principal) What did I do? Saad - Forwarded Message - From: "Saad Benateigha" To: "Ricky Nance" Sent: Friday, March 8, 2013 1:08:34 PM Subject: Re: [Samba] kerberos Thank you for that I was wondering if anyone has created a service principle for postgresql? S. - Forwarded Message - From: "Ricky Nance" To: "Andrew Bartlett" Cc: "Saad Benateigha" , samba@lists.samba.org Sent: Friday, March 8, 2013 5:37:36 AM Subject: Re: [Samba] kerberos https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help. Ricky On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett < abart...@samba.org > wrote: On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote: I am having a problem using kerberos I have installed samba4, and it appears to work correctly However I want to create a service principle and every time I try to use kadmin -p admin I get this error: Database error! Required KADM5 principal missing while initializing kadmin interface What am I doing wrong? Is there another command since Samba4 has it own kerberos? Please shed some light on my dilemma. Correct, you cannot use kamin against a Samba AD DC. We do not provide this interface. See samba-tool to managet your AD users. Andrew Bartlett Hi, Just out of memory: Have you tried: samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name without the @REALM part? Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Win 7 - Rejecting auth request from client
From: Phil Anderson Date: Fri, 8 Mar 2013 10:50:40 +0800 > I have an odd issue where I'm getting auth request failure errors for all > my Windows 7 machines. The strange thing is that everything appears to be > functioning perfectly. I can add machines to the domain, log in as domain > users, browse domain shares, and the machines regularly change their trust > password. So functionally, everything is fine it's only the log > message which is concerning me: > rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3) > _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting > auth request from client MACHINE machine account MACHINE$ Does your issue meet this article? https://lists.samba.org/archive/samba/2013-January/171085.html --- TAKAHASHI Motonobu / @damemonyo facebook.com/takahashi.motonobu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Fwd: kerberos
Sorry - Forwarded Message - From: "Saad Benateigha" To: "Andrew Bartlett" Sent: Friday, March 8, 2013 4:09:36 PM Subject: Re: [Samba] kerberos Andrew: I have found some information in the Samba and beyond And this what I did # samba-tool user create postgres-servername # samba-tool spn add postgres/servername.domain_name@REALM postgres-servername The following command: # samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name@REALM generates the following exception ERROR(runtime): uncaught exception - Key table entry not found File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py", line 175, in _run return self.run(*args, **kwargs) File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py", line 103, in run net.export_keytab(keytab=keytab, principal=principal) What did I do? Saad - Forwarded Message - From: "Saad Benateigha" To: "Ricky Nance" Sent: Friday, March 8, 2013 1:08:34 PM Subject: Re: [Samba] kerberos Thank you for that I was wondering if anyone has created a service principle for postgresql? S. - Forwarded Message - From: "Ricky Nance" To: "Andrew Bartlett" Cc: "Saad Benateigha" , samba@lists.samba.org Sent: Friday, March 8, 2013 5:37:36 AM Subject: Re: [Samba] kerberos https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help. Ricky On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett < abart...@samba.org > wrote: On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote: > I am having a problem using kerberos > > I have installed samba4, and it appears to work correctly > However I want to create a service principle > and every time I try to use > kadmin -p admin > I get this error: > Database error! Required KADM5 principal missing while initializing kadmin > interface > > What am I doing wrong? > Is there another command since Samba4 has it own kerberos? > Please shed some light on my dilemma. Correct, you cannot use kamin against a Samba AD DC. We do not provide this interface. See samba-tool to managet your AD users. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba