Hello everybody, I am trying to mount windows share on a windows 2008 ad server from linux. An easy step, but ... The Windows Domain trust a MIT Kerberos Realm The users are mapped with a kerberos principal The mount work with the Active Directory password , or kerberos ticket but NOT with MIT'password or tickets... The Trust works well, I have got no problem with Windows 7 joined domain computer for accessing the shares. It don't work with windows 7 non domain joined computer. The authentication work with linux with a mix of winbind and pam_krb5 Somebody does have an idea ? Thanks !! Regards Serge Here some basic information =============================================== [root@confucius ~]# mount.cifs -V mount.cifs version: 4.8.1 ========================================= mount -t cifs //dc1/data/cnsxxxxa /mnt -o username=cnsxxxxa work with the active's directory password but not with the mit's [root@confucius ~]# mount -t cifs //dc1/data/cnsxxxxa /mnt -o username=cnsxxxxa,domain=KERBEROS.REALM do not help ================================================= with AD kerberos ticket : kinit cnsxxxxa@AD.LOCAL Password for cnsxxxxa@AD.LOCAL [root@confucius ~]# mount -t cifs //dc1/data/cnsxxxxa /mnt -o sec=krb5i ================================================= with MIT kerberos ticket : [root@confucius ~]# kinit cnsxxxxa Password for cnsxxxxa@KERBEROS.REALM: [root@confucius ~]# mount -t cifs //dc1/data/cnsxxxxa /mnt -o sec=krb5i mount error(5): Input/output error I have added this to /etc/requestkey.conf create cifs.spnego * * /usr/sbin/cifs.upcall %k create dns_resolver * * /usr/sbin/cifs.upcall %k Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ? Je crée ma boîte mail www.laposte.net -- To unsubscribe from this list: send the line "unsubscribe linux-cifs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
