On 16/07/12 12:10, Quinn Plattel wrote:
Hi, Thanks for the info. I am now trying two ways to get, for example, the nslcd service to work with samba4 kerberos.
The host principals are already there so I can't see why you are trying to recreate them. Don't use the host key. Use a separate key to unlock the nslcd service so that it cann access the Samba 4 LDAP.
The problem with nslcd in Ubuntu is k5start. The configuration file is located In /etc/default/nslcd which prevents it using a Samba4 principal. With Samba4, nslcd triggeres k5start and it has no key to reference.
Set k5start to "No" and start it manually yourself with a keytab you have extracted for your nslcd-service. If you do not, you will have to manually restart nslcd every 10 hours anyway.
Cheers, HTH Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Linux] [Info Cyrus] [LARTC] [Bugtraq] [Netfilter] [Internet Dating Forums] [RAID] [Yosemite News] [Photography]
|
|