Integrate Logins with HP CIFS Server, HP-UX, and Windows 2003R2/2008

Sample krb5.conf file:
[libdefaults]
default_realm = ATCWIN1.HP.COM
default_tkt_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5
default_tgs_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5
default_keytab_name = "WRFILE:/etc/krb5.keytab"
#The line above is not valid for HP CIFS Server A.02.04 and later.
ccache_type = 2
clockskew = 1800000
[realms]
ATCWIN1.HP.COM = {
kdc = ATCWINVM1.ATCWIN1.HP.COM:88
admin_server = ATCWINVM1.ATCWIN1.HP.COM
}
[domain_realm]
.hp.com = ATCWIN1.HP.COM
[logging]
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmin.log
default = FILE:/var/log/krb5lib.log
Using this configuration, a “net ads join” will join the HP-UX CIFS/Samba server to the Active
Directory domain, and also create an /etc/krb5.keytab file using the CIFS and Host service principals
that were added to the AD.
NOTE: For HP CIFS Server A.02.04 and later, remove the 5th line of the krb5.conf example above:
default_keytab_name = "WRFILE:/etc/krb5.keytab"
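The following audit of the [libdefaults] section is an added example, not part of the original document or of HP's tooling. It applies the NOTE above and additionally reports enctypes that RFC 6649 (single DES) and RFC 8429 (RC4-HMAC) deprecate, which the document itself does not discuss; the function names and the cifs_a0204_or_later parameter are hypothetical.

```python
import re

# Constructed sample: an excerpt of the krb5.conf shown above.
SAMPLE = """\
[libdefaults]
default_realm = ATCWIN1.HP.COM
default_tkt_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5
default_tgs_enctypes = DES-CBC-CRC RC4-HMAC DES-CBC-MD5
default_keytab_name = "WRFILE:/etc/krb5.keytab"
#The line above is not valid for HP CIFS Server A.02.04 and later.
ccache_type = 2
[realms]
ATCWIN1.HP.COM = {
kdc = ATCWINVM1.ATCWIN1.HP.COM:88
}
"""

# Not from the page: single DES is deprecated by RFC 6649, RC4-HMAC by RFC 8429.
DEPRECATED = {"des-cbc-crc": "RFC 6649", "des-cbc-md5": "RFC 6649", "rc4-hmac": "RFC 8429"}


def parse_sections(text):
    """Return {section: {key: value}} for flat key = value lines; comments and braces are skipped."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", ";")) or line == "}":
            continue
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), {})
        elif current is not None and "=" in line and not line.endswith("{"):
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return sections


def audit(text, cifs_a0204_or_later):
    """Return a list of findings for the [libdefaults] section (hypothetical helper)."""
    lib = parse_sections(text).get("libdefaults", {})
    findings = []
    if cifs_a0204_or_later and "default_keytab_name" in lib:
        findings.append("default_keytab_name is set; remove it for HP CIFS Server A.02.04 and later")
    for key in ("default_tkt_enctypes", "default_tgs_enctypes"):
        for enc in re.split(r"[,\s]+", lib.get(key, "")):
            if enc.lower() in DEPRECATED:
                findings.append(f"{key}: {enc} is deprecated ({DEPRECATED[enc.lower()]})")
    return findings
```

Calling audit(SAMPLE, cifs_a0204_or_later=True) returns the keytab finding followed by one finding per deprecated enctype in each of the two enctype lists.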
Using ADSIEDIT, the new CIFS server ServicePrincipals can be displayed. Note that in this case,
Samba has added principals for both the HP-UX FQDN (from /etc/hosts) and the CIFS Server FQDN
(from smb.conf).