Hi,
had the same error trying to re-setup DNS keytab.
In my setup kvno was indeed existing, not seen by ktpass.sh
The problem:
1) ldbsearch -k 1 does not work with ldap://localhost or
ldap://IP you *must*** use hostname of the machine
2) ldbsearch (at least in my setup) does not exists,
where ktpass.sh is trying to find it.... and ktpass.sh *does not
complain about it*
Try passing: --path-to-ldbsearch <directory_of_ldbsearch>
Or alternatively, apply attached path to your samba source tree (ne
recompile needed)
You can verify if you have this principal by: samba-tool spn list
<your user that should have this principal>
2013.04.29 19:52, Tim Vangehugten rašė:
> Hi,
>
> I was trying to get a new keytab in samba4 for my apache service. So I
> tried the following command:
>
> sh ktpass.sh --out /etc/apache.keytab --princ
> HTTP/[email protected] --pass VerySecure123 --enc
> des-cbc-md5
>
> I get the following error: Unable to find kvno for principal
> HTTP/[email protected]
>
> Am I doing something wron or shouldn't I be using ktpass.sh?
>
>
> Best Regards
> Tim Vangehugten
diff --git a/source4/scripting/bin/ktpass.sh b/source4/scripting/bin/ktpass.sh
index e758eb3..b4583b1 100755
--- a/source4/scripting/bin/ktpass.sh
+++ b/source4/scripting/bin/ktpass.sh
@@ -54,10 +54,21 @@ if [ -z "$enc" ]; then
enc="rc4-hmac"
fi
if [ -z "$path" ]; then
- path=`dirname $0`/../bin/
- if [ ! -f ${path}ldbsearch ]; then
- path=`dirname $0`/../../bin/
- fi
+ path=`which ldbsearch 2>/dev/null`
+ if [ -f "$path" ]; then
+ path=`dirname "$path"`
+ else
+ for d in "$(dirname "$0")/../bin" "$(dirname "$0")/../../bin" /opt/samba4 /usr/local/samba4 /usr/local /usr; do
+ [ ! -f "$d/ldbsearch" ] && continue
+ path="$d"
+ break;
+ done
+ if [ -z "$path" ]; then
+ echo "Cannot figure out where do you have your ldbsearch"
+ usage
+ fi
+ fi
+ path="$path/"
fi
if [ -z "$outfile" -o -z "$princ" -o -z "$pass" ]; then
echo "At least one mandatory parameter (--out, --princ, --pass) was not specified"
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
