Hi,
I'm trying to get an IMAP server to authenticate using Kerberos rather than
storing and sending passwords all over the place. I've tried to do this
following the instructions for setting up Apache SSO
(https://wiki.samba.org/index.php/Samba4/beyond#Apache_Single_Sign-On) but am
unable to export the keytab. Searching through the list it looks like a few
others have experienced the same problem but I don't see any solutions. The
error I get when exporting is as follows.
ERROR(runtime): uncaught exception - Key table entry not found
File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py",
line 175, in _run
return self.run(*args, **kwargs)
File "/usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py",
line 103, in run
net.export_keytab(keytab=keytab, principal=principal)
I've checked to see that the spn has been created and is associated with the
user and it is. Any ideas on what could be causing this?
Also, wouldn't it be a better idea to add the spn to the machine account rather
than create a user account? How could this be done? Is there a way to create
machine accounts from the command line rather than through "AD Users and
Computers" on a Windows box?
Cheers,
Justin.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
