Christoph Maser wrote: > Am Dienstag, den 11.11.2008, 23:20 +0100 schrieb John Jasen: >> At $ORK, we're testing kerberized NFS across a bunch of clients. One >> issue that we've run into is that ktpass.exe is just plain annoying. >> Another issue we've tripped across has to deal with service principal >> names and mapping them to an AD user. >> > > > We use sambas "net" command: > > Make a keytab: > net ads keytab create > > Add service principals: > net ads keytab add <SERVICE> > > Actually we use samba/winbindd for everything wich has to do with > AD-intergration and we are really happy with it.
Unless you're doing something radically different than I am, and thus know better, you might want to doublecheck the keytab entries created for the service principals mapped to the machine name. I tried net ads keytab manipulation on my RHEL4 test boxes, and encountered the problem where only one out of all the SPNs generated can authenticate. -- -- John E. Jasen ([EMAIL PROTECTED]) -- No one will sorrow for me when I die, because those who would -- are dead already. -- Lan Mandragoran, The Wheel of Time, New Spring _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
