Am Mittwoch, den 12.11.2008, 15:48 +0100 schrieb John Jasen: > Christoph Maser wrote: > > > > We use sambas "net" command: > > > > Make a keytab: > > net ads keytab create > > > > Add service principals: > > net ads keytab add <SERVICE> > > > > Actually we use samba/winbindd for everything wich has to do with > > AD-intergration and we are really happy with it. > > Unless you're doing something radically different than I am, and thus > know better, you might want to doublecheck the keytab entries created > for the service principals mapped to the machine name. > > I tried net ads keytab manipulation on my RHEL4 test boxes, and > encountered the problem where only one out of all the SPNs generated can > authenticate. >
We used these keytabs for ssh and apache-httpd on CentOS4 and 5. ssh uses the host -principal so that prolly does not count. Could you tell me which Services you tried to use kerberized together so i can test this too? Chris financial.com AG Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender) Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553 _______________________________________________ Tech mailing list [email protected] http://lopsa.org/cgi-bin/mailman/listinfo/tech This list provided by the League of Professional System Administrators http://lopsa.org/
