Re: [Netatalk-admins] AD and netatalk Kerberos

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

A: Yes.
| Q: Are you sure?
| | A: Because it reverses the logical flow of conversation.
| | | Q: Why is top posting frowned upon?

2010/7/14 Steven L Jeffs <st...@cs...>:
> My netatalk box is a member server in that it is bound via Kerberos to AD. Keytab is configured and ldap as well. Hence ad users can login to the netatalk box using samba (without winbind, using keytab) and via SSH using pam. Gssapi works as ldapsearch can peruse AD using gssapi auth.  So what else do you mean by Kerberos interaction between the netatalk box and AD?

You need a afpserver service principal.

<http://www.google.com/search?hl=en&source=hp&q=ktpass+afpserver&aq=f&aqi=&aql=&oq=&gs_rfai=>