[Samba] Fwd: kerberos
Sorry - Forwarded Message - From: Saad Benateigha sbenatei...@geomega.com To: Andrew Bartlett abart...@samba.org Sent: Friday, March 8, 2013 4:09:36 PM Subject: Re: [Samba] kerberos Andrew: I have found some information in the Samba and beyond And this what I did # samba-tool user create postgres-servername # samba-tool spn add postgres/servername.domain_name@REALM postgres-servername The following command: # samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name@REALM generates the following exception ERROR(runtime): uncaught exception - Key table entry not found File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py, line 103, in run net.export_keytab(keytab=keytab, principal=principal) What did I do? Saad - Forwarded Message - From: Saad Benateigha sbenatei...@geomega.com To: Ricky Nance ricky.na...@weaubleau.k12.mo.us Sent: Friday, March 8, 2013 1:08:34 PM Subject: Re: [Samba] kerberos Thank you for that I was wondering if anyone has created a service principle for postgresql? S. - Forwarded Message - From: Ricky Nance ricky.na...@weaubleau.k12.mo.us To: Andrew Bartlett abart...@samba.org Cc: Saad Benateigha sbenatei...@geomega.com, samba@lists.samba.org Sent: Friday, March 8, 2013 5:37:36 AM Subject: Re: [Samba] kerberos https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help. Ricky On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett abart...@samba.org wrote: On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote: I am having a problem using kerberos I have installed samba4, and it appears to work correctly However I want to create a service principle and every time I try to use kadmin -p admin I get this error: Database error! Required KADM5 principal missing while initializing kadmin interface What am I doing wrong? Is there another command since Samba4 has it own kerberos? Please shed some light on my dilemma. Correct, you cannot use kamin against a Samba AD DC. We do not provide this interface. See samba-tool to managet your AD users. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Win 7 - Rejecting auth request from client
From: Phil Anderson p...@pza.net.au Date: Fri, 8 Mar 2013 10:50:40 +0800 I have an odd issue where I'm getting auth request failure errors for all my Windows 7 machines. The strange thing is that everything appears to be functioning perfectly. I can add machines to the domain, log in as domain users, browse domain shares, and the machines regularly change their trust password. So functionally, everything is fine it's only the log message which is concerning me: rpc_server/netlogon/srv_netlog_nt.c:976(_netr_ServerAuthenticate3) _netr_ServerAuthenticate3: netlogon_creds_server_check failed. Rejecting auth request from client MACHINE machine account MACHINE$ Does your issue meet this article? https://lists.samba.org/archive/samba/2013-January/171085.html --- TAKAHASHI Motonobu mo...@monyo.com / @damemonyo facebook.com/takahashi.motonobu -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Fwd: kerberos
2013-03-09 15:49 keltezéssel, Saad Benateigha írta: Sorry - Forwarded Message - From: Saad Benateigha sbenatei...@geomega.com To: Andrew Bartlett abart...@samba.org Sent: Friday, March 8, 2013 4:09:36 PM Subject: Re: [Samba] kerberos Andrew: I have found some information in the Samba and beyond And this what I did # samba-tool user create postgres-servername # samba-tool spn add postgres/servername.domain_name@REALM postgres-servername The following command: # samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name@REALM generates the following exception ERROR(runtime): uncaught exception - Key table entry not found File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/__init__.py, line 175, in _run return self.run(*args, **kwargs) File /usr/local/samba/lib/python2.7/site-packages/samba/netcmd/domain.py, line 103, in run net.export_keytab(keytab=keytab, principal=principal) What did I do? Saad - Forwarded Message - From: Saad Benateigha sbenatei...@geomega.com To: Ricky Nance ricky.na...@weaubleau.k12.mo.us Sent: Friday, March 8, 2013 1:08:34 PM Subject: Re: [Samba] kerberos Thank you for that I was wondering if anyone has created a service principle for postgresql? S. - Forwarded Message - From: Ricky Nance ricky.na...@weaubleau.k12.mo.us To: Andrew Bartlett abart...@samba.org Cc: Saad Benateigha sbenatei...@geomega.com, samba@lists.samba.org Sent: Friday, March 8, 2013 5:37:36 AM Subject: Re: [Samba] kerberos https://wiki.samba.org/index.php/Samba_AD_DC_HOWTO_TEMP#Samba_AD_management may be of help. Ricky On Fri, Mar 8, 2013 at 12:53 AM, Andrew Bartlett abart...@samba.org wrote: On Wed, 2013-03-06 at 14:18 -0700, Saad Benateigha wrote: I am having a problem using kerberos I have installed samba4, and it appears to work correctly However I want to create a service principle and every time I try to use kadmin -p admin I get this error: Database error! Required KADM5 principal missing while initializing kadmin interface What am I doing wrong? Is there another command since Samba4 has it own kerberos? Please shed some light on my dilemma. Correct, you cannot use kamin against a Samba AD DC. We do not provide this interface. See samba-tool to managet your AD users. Andrew Bartlett Hi, Just out of memory: Have you tried: samba-tool domain exportkeytab /root/krb5.keytab --principal=postgres/servername.domain_name without the @REALM part? Regards Geza Gemes -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
