All, I’m working on setting up Samba to serve files from a server attached to our IPA domain. I followed the directions in https://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA. Everything seems to work and I can access the files from another RHEL server attached to the same domain using a Kerberos ticket from a user from the trusted AD domain. However, I can’t access this share from a windows client that is also attached to the trusted AD domain.
My smb.conf is as follows: [global] workgroup = IPA realm = IPA.DOMAIN kerberos method = dedicated keytab dedicated keytab file = FILE:/etc/samba/samba.keytab log file = /var/log/samba/log.%m log level = 3 security = ads load printers = no disable spoolss = yes map to guest = Never restrict anonymous = 2 [spacetest] path = /var/www writable = yes browsable = yes I put the keytab in place from the cifs service from the IPA server. I feel like I’m missing something small, but I can’t seem to find it. Logs from samba are here: http://pastebin.com/aMDXfR78 Andy Brook Sr. Systems Administrator | Center for Research Informatics | University of Chicago T: 773-834-0458 | http://cri.uchicago.edu ******************************************************************************** This e-mail is intended only for the use of the individual or entity to which it is addressed and may contain information that is privileged and confidential. If the reader of this e-mail message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is prohibited. If you have received this e-mail in error, please notify the sender and destroy all copies of the transmittal. Thank you University of Chicago Medicine and Biological Sciences ******************************************************************************** -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project