HP CIFS Server and Kerberos

ManualsBrandsHP ManualsSoftwareHP-UX Common Internet File System (CIFS) Client/Server Software

Contents

Legal Notices ......................................................................................................................2

Chapter 1 Introduction .......................................................................................................5

Chapter 2 Kerberos, CIFS, and Samba Overview ..................................................................6

2.1 Kerberos Primer.......................................................................................................... 6

Chapter 3 Solution Components .......................................................................................... 8

Chapter 4 Solution Configuration(s).....................................................................................9

4.1 HP CIFS Server........................................................................................................... 9

4.2 Microsoft Active Directory Domain ............................................................................. 10

4.3 Joining the Windows Domain..................................................................................... 10

4.4 Kerberos CIFS Server Client Authentication Example................................................... 13

Chapter 5 HP-UX Application Co-Existence......................................................................... 20

5.1 Configuring for krb5.keytab....................................................................................... 20

5.1.1 Kerberos modifications for INET Services ........................................................... 22

5.2 krb5.keytab Configuration Script................................................................................ 23

5.3 The kbr5.keytab File ................................................................................................. 24

Chapter 6 Support Matrices .............................................................................................. 26

Chapter 7 Traces and Logs ............................................................................................... 27

7.1 Windows 2000 KDC – HP-UX Kerberos 1.0, MD5......................................................... 28

7.2 Windows 2000 KDC – HP-UX Kerberos 1.0, CRC ......................................................... 33

7.3 Windows 2000 KDC – HP-UX Kerberos 1.0, RC4 ......................................................... 39

7.4 Windows 2000 KDC – HP-UX Kerberos 1.3.5, MD5...................................................... 40

7.5 Windows 2000 KDC – HP-UX Kerberos 1.3.5, CRC ...................................................... 45

7.6 Windows 2000 KDC – HP-UX Kerberos 1.3.5, RC4 ...................................................... 50

7.7 Windows 2003 KDC – HP-UX Kerberos 1.0, MD5......................................................... 55

7.8 Windows 2003 KDC – HP-UX Kerberos 1.0, CRC ......................................................... 62

7.9 Windows 2003 KDC – HP-UX Kerberos 1.0, RC4 ......................................................... 70

7.10 Windows 2003 KDC – HP-UX Kerberos 1.3.5, MD5.................................................. 71

7.11 Windows 2003 KDC – HP-UX Kerberos 1.3.5, CRC .................................................. 77

7.12 Windows 2003 KDC – HP-UX Kerberos 1.3.5, RC4 .................................................. 84

Chapter 8 Support Tools and Common Problems................................................................ 91

8.1 Support Tools........................................................................................................... 91

8.1.1 kinit ................................................................................................................. 91

8.1.2 klist (HP-UX) .................................................................................................... 92

8.1.3 net ads status .................................................................................................. 92

8.1.4 ldapsearch ....................................................................................................... 93

8.1.5 Samba Logging ................................................................................................ 93

8.1.6 Windows Event Logger ..................................................................................... 95

8.1.7 Wireshark ........................................................................................................ 95

8.1.8 Kerbtray........................................................................................................... 96

8.1.9 Klist (Windows client) ..................................................................................... 100

8.2 Common Problems.................................................................................................. 102

8.2.1 Wrong Kerberos Libraries ................................................................................ 103

8.2.2 Invalid /etc/krb5.conf File ............................................................................... 104

8.2.3 Joining a Domain............................................................................................ 105

Chapter 9 Kerberos High Availability Integration .............................................................. 108

9.1 CIFS HA Kerberos Configuration .............................................................................. 109

9.2 Testing the Merged Keytab Files .............................................................................. 110

9.3 Examining the Merged krb5.keytab File.................................................................... 115