Manualshelf

HP CIFS Server 3.0d Administrator's Guide version A.02.02 (Edition 5)

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
191192193194195196197198199200
Kerberos Support
HP-UX Kerberos Application Co-existence
Chapter 8186
/etc/opt/samba/smb.conf file
/etc/krb5.keytab file
net ads keytab create command
The first task is to configure HP CIFS Server for Kerberos
authentication and join it to a Windows domain. This configuration will
disable HP-UX Internet Services access to the HP-UX system
temporarily until all the configuration steps are completed.
Use the following steps to generate a valid keytab file and to configure an
HP CIFS Server to access the keytab file:
Step 1. Add the default_keytab_name parameter with the WRFILE attribute in
the /etc/krb5.conf file. HP-UX Kerberos Client version 1.3.5 is
required for WRFILE.
An example of /etc/krb5.conf for HP CIFS Server keytab creation is
as follows:
# Kerberos configuration
[libdefaults]
default_realm = MYREALM.HP.COM
default_tkt_enctypes = DES-CBC-MD5
default_tgs_enctypes = DES-CBC-MD5
default_keytab_name = "WRFILE:/etc/krb5.keytab"
[realms]
MYREALM.HP.COM = {
kdc = HPWIN2K4.MYREALM.HP.COM:88
admin_server = HPWIN2K4.MYREALM.HP.COM
}
[domain_realm]
.hp.com = MYREALM.HP.COM
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
Step 2. Run the net ads keytab create -U administrator command to
generate an /etc/krb5.keytab file.