Re: [Samba] added spn and exported keytab not match
- Date: Fri, 1 Dec 2017 13:46:53 +0400
- From: Mike Lykov via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] added spn and exported keytab not match
30.11.2017 20:40, Mike Lykov via samba пишет:
User CN=proxy,CN=Users,DC=dc,DC=S****,DC=ru has the following
A.Bartlett wrote about it:
25.01.13 (this list)
Exactly. While the Samba KDC is smart, and knows these are the same
user, the keytab and krb5 client tools are dumb (very), they work on
exact string matches, so you have export out exactly the name you want
to kinit as, or kinit as HTTP/....
But I can't export keytab "exactly", because my samba-tool show this error:
ERROR(runtime): uncaught exception - Key table entry not found
line 175, in _run
return self.run(*args, **kwargs)
spn list shows principals, but domain export can't find that principals.
I don't know why.
To unsubscribe from this list go to the following URL and read the