Re: [Samba] added spn and exported keytab not match
- Date: Thu, 30 Nov 2017 20:40:25 +0400
- From: Mike Lykov via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] added spn and exported keytab not match
30.11.2017 14:00, Rowland Penny via samba пишет:
I am add user with RSAT and add SPN for it with samba-tool (like
root@ad41:/# samba-tool spn list proxy
User CN=proxy,CN=Users,DC=dc,DC=S****,DC=ru has the following
I am not an expert on squid by any means, but you seem to be adding
SPNs meant for a computer account to a user account i.e.
'proxy.S****.ru' would be a FQDN.
Also, the 'S****.ru' should 'dc.s****.ru'
Thanks for the idea. Here:
DC.S****.RU is a kerberos realm and domain name
proxy.s***.ru is a hostname of proxy server with squid
it is NOT joined to domain
hostname is a FQDN, but not in dc.s****.ru zone
(there is some servers not joined to domain and have FQDN in s****.ru
zone, and some workstations and servers joined to domain in dc.s****.ru
on servers not joined to domain configured own, not ADDC dns servers
Are there possibility to configure kerberos auth without joining server
to domain and use ADDC dns servers?
I think you are going to have to wait until Louis gets over the flu, he
is the expert on squid ;-)
I saw this sadly news and best wishes to him too ;)
To unsubscribe from this list go to the following URL and read the