Manualshelf

HP CIFS Server and Kerberos

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software
106107108109110111112113114115
114
CIFS/Samba does not create an ftp principal, so it does not exist in the krb5.keytab file. When ftp
searches for it, it is not found, but then ftp will re-try with the host/FQDN service principal. This is the
same service principal that is used for HP-UX logins, so the re-try is successful.
A Wireshark trace shows this behavior:
Here is the ftp SP being rejected as “PRINCIPAL UNKNOWN” because it does not exist in the keytab
file. Next….