Timeline for Cannot mount CIFS althought kinit return me a ticket
Current License: CC BY-SA 4.0
10 events
when toggle format | what | by | license | comment | |
---|---|---|---|---|---|
Apr 10 at 12:01 | comment | added | grawity_u1686 | @SebMa: Assuming your 'klist' after this shows a cifs ticket, it really sounds like a server-side problem. (It should've worked even without -U, it already knows the username from the ticket.) Does Kerberos work for other AD services from the same system (like LDAP via ldapsearch)? Does Kerberos work for this NAS from your Windows system? | |
Apr 10 at 10:13 | comment | added | SebMa | My bad. Now I updated my EDIT3 and added EDIT4. | |
Apr 10 at 8:41 | comment | added | grawity_u1686 |
Your edit still shows you using what looks like an IP address (which, again, isn't going to work). Try smbclient again, with the computer name (and maybe optionally with -d 15 to see if it's really using Kerberos/SPNEGO). If that still returns NT_ACCESS_DENIED, then it's very likely a server-side problem.
|
|
Apr 10 at 8:21 | comment | added | SebMa | I just added EDIT3. | |
Apr 9 at 17:20 | comment | added | grawity_u1686 |
That's a different problem now – do you have access using smbclient -k to the same share? Does the Kerberos ticket for cifs/server now show up in klist?
|
|
Apr 9 at 17:02 | comment | added | SebMa |
If I use myRemoteServer.myDOMAIN.lan , then I get a mount error(13): Permission denied error. See my EDIT2
|
|
Apr 9 at 16:48 | comment | added | grawity_u1686 |
@SebMa: That doesn't change the answer. If you already know that the server is named myRemoteServer and it has SPNs for */myRemoteServer , then that's what you must specify as the server name for mount.cifs.
|
|
Apr 9 at 16:38 | comment | added | SebMa | Listed the SPNs of myRemoteServer from a windows AD member in EDIT0. Hope this helps. | |
Apr 9 at 15:43 | history | edited | grawity_u1686 | CC BY-SA 4.0 |
added 373 characters in body
|
Apr 9 at 15:19 | history | answered | grawity_u1686 | CC BY-SA 4.0 |