> > [DOMAIN\computercomputer ~]$ klist -5 > klist: No credentials cache found (ticket cache > FILE:/tmp/krb5cc_16777222) > > [DOMAIN\computercomputer ~]$ kinit -5 compute...@domain.com > Password for comput...@domain.com: > > As you know, computer account passwords are not supposed to be entered > by > users under normal circumstances. > How can I obtain a krb5 ticket for the computer account? >
Hi Mustafa, To be able to check out a ticket in that way you need to set userprincipialname on the computeraccount. I do that when I join with: # net ads join createupn="host/hostname.domain....@domain.tld" I then create a keytab file: # net ads keytab create You don't need a userprincipialname to have a keytab but you have to have upn set if you want to check out a ticket from a keytab to a ccache. There are some options in smb.conf about kerberos keytab that I guess you want to use. Regards, Andreas Larsson -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
