Skip to main content

Thread: Mounting CIFS shares using KRB5 authentication without joining the domain

-

hi all,

i'm wondering if possible access cifs share (hosted on win2k3 server) ubuntu 9.10 client without joining client active directory domain...

here's tried last couple of hours :

have installed , configured krb5, mount.cifs, keyutils. fine.

when try mount remote share (after getting tgt kinit ad_user):

mount.cifs //winserver/share /media/cifs -o username=ad_user,domain=ad.domain,sec=krb5 --verbose

(with ad_user active directory user name , ad.domain active directory domain)

mount.cifs raise following error :

mount error(13): permission denied... not cool...

check klist tickets cache :

ticket cache: file:/tmp/krb5cc_0
default principal: ad_user@ad.domain

valid starting expires service principal
12/16/09 17:29:37 12/17/09 03:29:35 krbtgt/ad.domain@ad.domain
renew until 12/17/09 17:29:37
12/16/09 17:31:04 12/17/09 03:29:35 cifs/winserver@ad.domain
renew until 12/17/09 17:29:37

looks fine tgt , session ticket windows server...

when check network capture done wireshark, everythings works great until smb "tree connect andx request". windows server response status_access_denid , connection closed.

in windows security event log can see successfull logon ubuntu workstation followed successfull logoff...

guess :
managed open connection using kerberos cifs server when workstation tried access files windows server unable match unix account (root "sudo-sued" bash) active directory account , kicked out infamous unknown user.

here can provide me other explanation , (finger crossed) workaround achieve goal ?

goal wich remind :
mounting cifs shares on active directory members windows servers, using kerberos , active directory user account without having join ubuntu workstation domain.

advance.

, sorry rather neanderthalic english...



Forum The Ubuntu Forum Community Ubuntu Official Flavours Support Networking & Wireless [all variants] Mounting CIFS shares using KRB5 authentication without joining the domain


Ubuntu

Comments

Post a Comment

Popular posts from this blog

Error: ‘for’ loop initial declarations are only allowed in C99 or C11 mode - Raspberry Pi Forums

-
hey everyone, i'm trying compile simple code on rpi3 using geany. code written using code::blocks on windows , working without problem. errors i'm getting are: untitled.c:33:5: error: ‘for’ loop initial declarations allowed in c99 or c11 mode , untitled.c:33:5: note: use option -std=c99, -std=gnu99, -std=c11 or -std=gnu11 compile code understand code not problem way i'm compiling it. can give me advice? you need add 1 of suggested options compile command configured in geany, in menu.. build -> set build commands add "-std=c99" after "gcc" in compile , build boxes. (i'm looking on mint pc expect version on pi same). petero raspberrypi
Read more

class MPU6050 has no member named begin

-
hi all, as working out scripts wich me make winddirection meter gy-87 calibrate compass sensor on board. i using script "hmc5883l_calibrate_mpu6050" korneliusz jarzebski. i fault "class mpu6050 has no member named begin" /*   calibrate hmc5883l + mpu6050 (gy-86 / gy-87). output hmc5883l_calibrate_processing.pde   read more: http://www.jarzebski.pl/arduino/czujniki-i-sensory/3-osiowy-magnetometr-hmc5883l.html   git: https://github.com/jarzebski/arduino-hmc5883l   web: http://www.jarzebski.pl   (c) 2014 korneliusz jarzebski */ #include <wire.h> #include <hmc5883l.h> #include <mpu6050.h> hmc5883l compass; mpu6050 mpu; int minx = 0; int maxx = 0; int miny = 0; int maxy = 0; int offx = 0; int offy = 0; void setup() {   serial.begin(9600);   // initialize mpu6050   while(!mpu.begin(mpu6050_scale_2000dps, mpu6050_range_2g))   {     delay(500);   } how slove error? any apreciated. kind regards, ilioss what compiler complainin
Read more

missing filename after '-o'

-
i'm new writing in arduino , trying program "ultimate robot kit blue". in uploading first motor test, error message keeps coming says: avr-g++: error: missing filename after '-o' exit status 1 error compiling. invalid library found in /users/dennisleary/documents/arduino/libraries/makeblock-libraries-master: /users/dennisleary/documents/arduino/libraries/makeblock-libraries-master invalid library found in /users/dennisleary/documents/arduino/libraries/makeblock-libraries-master: /users/dennisleary/documents/arduino/libraries/makeblock-libraries-master i've been trying robot , running quite time , appreciated! you have not installed library correctly or correct name.  however, did not post code , did not post complete message guessing.  not @ guessing.  please try again, following instructions follow. to post code and/or error messages: 1) use ctrl-t in arduino ide autoformat code. 2) paste autoformatted code between code tags (th
Read more