On 12/01/12 06:15, Gémes Géza wrote:
2012-01-11 23:48 keltezéssel, steve írta:
Hi
After starting Samba 4, before anyone can do anything, Administrator
has to do a kinit to get a new ticket. This creates a cache
/tmp/krb5cc_0 with an expiry time.
I've created a host principal and put it into the keytab:
samba-tool spn add host someuser
samba-tool domain exportkeytab /etc/krb5.keytab --principal=host/HH3.SITE
How can I keep Samba 4 up without having to get a new Administrator
ticket every 10 hours?
Thanks,
Steve
That looks really strange.
Could you send your smb.conf
an output from ls -R /path/to/your/samba4/installation (assuming you
aren't using some prepackaged version, but you've done a classic
configure, make, make install).
I've cc-ed samba-technical.
Regards
Geza
Hi Geza and thanks for the cc to s-technical. I still don't dare join.
I think that this is because I need the cache because I have added
rfc2307 attributes to the Samba4 LDAP and am using nslcd to map users.
cat /usr/local/samba/etc/smb.conf
# Global parameters
[global]
server role = domain controller
workgroup = CACTUS
realm = hh3.site
netbios name = HH3
passdb backend = samba4
template shell = /bin/bash
[netlogon]
path = /usr/local/samba/var/locks/sysvol/hh3.site/scripts
read only = No
[sysvol]
path = /usr/local/samba/var/locks/sysvol
read only = No
[home]
path = /home/CACTUS
read only = No
[profiles]
path = /home/CACTUS/profiles
read only = no
grep -v "#" /etc/nslcd.conf
uid root
gid root
uri ldap://127.0.0.1/
base dc=hh3,dc=site
binddn cn=Administrator,cn=Users,dc=hh3,dc=site
bindpw 123@Abcd
map passwd uid sAMAccountName
map passwd homeDirectory unixHomeDirectory
map shadow uid sAMAccountName
sasl_mech GSSAPI
sasl_realm HH3.SITE
The output of ls -R /usr/local/samba is at:
http://steve-ss.com/ls.txt
Thanks for your time (again)
Steve
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
