Which is the preferred method of handling service principals when the samba server is an ads member -- turning on "use kerberos keytab" in smb.conf, or the default secrets.tdb? Is there any particular reason I should use one over the other?
Also, all I see in secrets.tdb is the the machine password while in krb5.keytab i see 100+ principals corresponding to various combinations of instance and enctype. Is the password in the secret store used to generate keys which are kept in memory? Thanks, -brian -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
