All,
I’m working on setting up Samba to serve files from a server attached to our
IPA domain. I followed the directions in
https://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA.
Everything seems to work and I can access the files from another RHEL server
attached to the same domain using a Kerberos ticket from a user from the
trusted AD domain. However, I can’t access this share from a windows client
that is also attached to the trusted AD domain.
My smb.conf is as follows:
[global]
workgroup = IPA
realm = IPA.DOMAIN
kerberos method = dedicated keytab
dedicated keytab file = FILE:/etc/samba/samba.keytab
log file = /var/log/samba/log.%m
log level = 3
security = ads
load printers = no
disable spoolss = yes
map to guest = Never
restrict anonymous = 2
[spacetest]
path = /var/www
writable = yes
browsable = yes
I put the keytab in place from the cifs service from the IPA server.
I feel like I’m missing something small, but I can’t seem to find it. Logs from
samba are here: http://pastebin.com/aMDXfR78
Andy Brook
Sr. Systems Administrator | Center for Research Informatics | University of
Chicago
T: 773-834-0458 | http://cri.uchicago.edu
********************************************************************************
This e-mail is intended only for the use of the individual or entity to which
it is addressed and may contain information that is privileged and confidential.
If the reader of this e-mail message is not the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is prohibited. If you have received this e-mail in error, please
notify the sender and destroy all copies of the transmittal.
Thank you
University of Chicago Medicine and Biological Sciences
********************************************************************************
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
