On Wed, 23 Nov 2011, Josh Geisser wrote:
Thanks for the answer will check soon.
Joining the machine actually works as far as I understand: it creates the
computer object in LDAP and is visible in the AD management utility.
But it doesn't write any local /etc/krb5.keytab, which I assume SSSD or the
krb5-tools will use, not?
Want to try your additional smb.conf parameters and I'll come back to you
Will update the article with some more notes on this tomorrow. My config was
for samba 3.5, I don't know what version you're running. You definitely need
the keytab line in your config (that line is different in 3.0 but you'll find
it in the man page).
Once you've done that, join the domain again, and /etc/krb5.keytab should be
created, and yes, that's what sssd uses.
jh