Re: [Samba] klist versus kadmin
2008/11/10 Gerald (Jerry) Carter <[EMAIL PROTECTED]>: > You can only get a TGT using either the UPN or the > sAMAccountName. Machine accounts have no UPN by default. > My guess is that this is the root of your troubles. Hello Jerry, I think I already have a TGT, klist says that I have a TGT named krbtgt/[EMAIL PROTECTED]: Valid starting ExpiresService principal 11/11/08 10:14:07 11/11/08 20:13:52 krbtgt/[EMAIL PROTECTED] and kutil: rkt /etc/krb5.keytab says I have nine principals: 3 x host/[EMAIL PROTECTED] 3 x host/[EMAIL PROTECTED] 3 x [EMAIL PROTECTED] (In Active directory I see a sAMAccountName of "hostname$", not "HOSTNAME$".) Hopefully I am nearly there :) What you say I need to get a TGT using either the UPN or the sAMAccountName, what should I be doing differently? Thanks, Degbert -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] klist versus kadmin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 degbert degbert wrote: > I'm having a problem with kadmin not doing what klist says should work. > > klist will show my keytab file (with minus k), but when I try and use > a principal in that keytab with kinit, I get an error: > kinit(v5): Client not found in Kerberos database while getting > initial credentials You can only get a TGT using either the UPN or the sAMAccountName. Machine accounts have no UPN by default. My guess is that this is the root of your troubles. cheers, jerry - -- = Samba--- http://www.samba.org Likewise Software - http://www.likewisesoftware.com "What man is a man who does not make the world better?" --Balian -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFJGHD2IR7qMdg1EfYRAqcaAJ9f20XSP/OejM9iNyqlwMw0IDJDmgCfWKYE M3qKQK0vd8PAdbnhr1c3WoQ= =mOQo -END PGP SIGNATURE- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
[Samba] klist versus kadmin
I'm having a problem with kadmin not doing what klist says should work. klist will show my keytab file (with minus k), but when I try and use a principal in that keytab with kinit, I get an error: kinit(v5): Client not found in Kerberos database while getting initial credentials I setup both the Windows server and the Linux client, so I've made a mistake somewhere. What have I done wrong? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba