Web lists-archives.com

Re: [Samba] smbclient kerberos auth fails




On Wed, 18 Apr 2018 12:00:28 +0200
Aurélien Aptel via samba <samba@xxxxxxxxxxxxxxx> wrote:

> Forgot to reply to this
> 
> Ralph Böhme <slow@xxxxxxxxx> writes:
> > Hi Aurélien,
> >
> > On Sat, Apr 14, 2018 at 03:19:59PM +0200, Aurélien Aptel via samba
> > wrote:
> >> At this point I think it should work, but I get:
> >> 
> >>     $ smbclient //foo.com/share -k
> >
> > I guess you need to specify the FQDN of the host, not the domain.
> 
> Yes that was it, thanks! But both the domain and the fqdn resolve to
> the same machine so I'm not sure why doesn't work :/
> 

Probably because the domain should resolve to the domains nameservers
and it might not be the machine that holds the share. Also 'it' might
be 'they', as in:

dig @192.168.0.7 samdom.example.com

; <<>> DiG 9.9.5-9+deb8u15-Debian <<>> @192.168.0.7 samdom.example.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6481
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;samdom.example.com.		IN	A

;; ANSWER SECTION:
samdom.example.com.	900	IN	A	192.168.0.7
samdom.example.com.	900	IN	A	192.168.0.6

;; AUTHORITY SECTION:
samdom.example.com.	900	IN	NS	dc3.samdom.example.com.
samdom.example.com.	900	IN	NS	dc4.samdom.example.com.

;; ADDITIONAL SECTION:
dc3.samdom.example.com.	900	IN	A	192.168.0.7
dc4.samdom.example.com.	900	IN	A	192.168.0.6

;; Query time: 5 msec
;; SERVER: 192.168.0.7#53(192.168.0.7)
;; WHEN: Wed Apr 18 11:14:54 BST 2018
;; MSG SIZE  rcvd: 147

Rowland

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba