Web lists-archives.com

Re: [Samba] Question: Samba and YP-Yellow Pages relation.

On Thu, 5 Apr 2018 17:01:22 -0300
"Suporte - KONTROL" <suporte@xxxxxxxxxxxxxxxxxxxxxx> wrote:

> Hi Rowland,
> First of all, thanks Much for the message. Appreciate it!
> Here more details...
> The users do not log into the pfSense. The Samba is being used to
> authenticate users with the proxy (squid) in a pfsense environment
> (Freebsd) The PfSense box is added to the AD Domain as a "Member"
> only, so that way the proxy can authenticate against the AD via
> NTLM/Kerberos.
> Here is part of my script to add/leave Domain and also to create a
> keytab file to use against Kerberos.
> #joining a Domain
> net ads join createupn=HTTP/hostname001.corp@xxxxxxxxxxx -k  
> echo
> #adding SPN HTTP 
> echo "Adding the SPN HTTP"
> net ads keytab add HTTP
> echo
> #Generating keytab file
> net ads keytab create -k

You can get the keytab created during the join by adding:

    dedicated keytab file = /etc/krb5.keytab
    kerberos method = secrets and keytab

To smb.conf before the join, not sure about the UPN though, never tried

It sounds like you are running Samba as a Unix domain member, any
chance of seeing the (sanitized) smb.conf ? Also what is the AD DC ?

Not sure why you want to disable YP, squid is known to work with the
default Samba


To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba