Integrate Logins with HP CIFS Server, HP-UX, and Windows 2003R2/2008
17
These ServicePrincipalNames match the CIFS Server “net ads status” output:
dNSHostName: atcuxvm5.rose.hp.com
userPrincipalName: HOST/atcuxvm5@ATCWIN1.HP.COM
servicePrincipalName: HOST/atcuxvm5.rose.hp.com
servicePrincipalName: CIFS/atcuxvm5.rose.hp.com
servicePrincipalName: CIFS/atcuxvm5.atcwin1.hp.com
servicePrincipalName: CIFS/atcuxvm5
servicePrincipalName: HOST/atcuxvm5.atcwin1.hp.com
servicePrincipalName: HOST/atcuxvm5
objectCategory:
CN=Computer,CN=Schema,CN=Configuration,DC=ATCWIN1,DC=HP,DC=COM
A “klist –k -e” will display these principals with every combination of key encryption type for Samba
(this accounts for the excessive length of the keytab file).
# klist -k -e
Keytab name: WRFILE:/etc/krb5.keytab
KVNO Principal
---- --------------------------------------------------------------------------
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (AES-256 CTS mode with 96-bit SHA-1 HMAC)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (AES-128 CTS mode with 96-bit SHA-1 HMAC)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (Triple DES cbc mode with HMAC/sha1)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (ArcFour with HMAC/md5)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with CRC-32)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with RSA-MD5)
2 host/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with RSA-MD4)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (AES-256 CTS mode with 96-bit SHA-1 HMAC)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (AES-128 CTS mode with 96-bit SHA-1 HMAC)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (Triple DES cbc mode with HMAC/sha1)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (ArcFour with HMAC/md5)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with CRC-32)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with RSA-MD5)
2 cifs/atcuxvm5.rose.hp.com@ATCWIN1.HP.COM (DES cbc mode with RSA-MD4)
………