Hi guys,
I'm using Zentyal 3.3, updated from Zentyal 3.2 configured as a Domain Controller
By using the module "File Sharing and Domain Services", I have created a share "myshare" folder with rw permission for my yser "myuser".
In order to mount the share in an ubuntu client, I use the following command:
sudo mount.cifs //mydc.mydomain/myshare /tmp/myshare -o user=myuser,sec=krb5,cruid=myuid,cifsacl,fsc --verbose
but as a result I have obtained the following error:
mount error(126): Required key not available
Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
By checking the log "syslog", the error is generated by cifs.upcall when it tries to get the kerberos ticket. Here below the syslog:
key description: cifs.spnego;0;0;39010000;ver=0x2;host=myhost;ip4=192.168.123.245;sec=krb5;uid=0x0;creduid=0x2dc6ef;user=myuser;pid=0x164f
cifs.upcall: ver=2
cifs.upcall: host=myhost
cifs.upcall: ip=192.168.123.245
cifs.upcall: sec=1
cifs.upcall: uid=0
cifs.upcall: creduid=3000047
cifs.upcall: user=myuser
cifs.upcall: pid=5711
cifs.upcall: find_krb5_cc: considering /tmp/krb5cc_3000047_LptXXy
cifs.upcall: find_krb5_cc: FILE:/tmp/krb5cc_3000047_LptXXy is valid ccache
cifs.upcall: handle_krb5_mech: getting service ticket for myhost
cifs.upcall: cifs_krb5_get_req: unable to get credentials for myhost
cifs.upcall: handle_krb5_mech: failed to obtain service ticket (-1765328377)
kernel: [25707.318586] CIFS VFS: Send error in SessSetup = -126
kernel: [25707.318736] CIFS VFS: cifs_mount failed w/return code = -126
More in detail, the kerberos error (-1765328377) is defined as "KRB5KDC_ERR_S_PRINCIPAL_UNKNOWN" and it means "Server not found in Kerberos database".
In order to mount some network unit after the login of the user in a client, I adopted this solution starting Zentyal 3.0 by using the mount.cifs in a script that it is executed after the login. After the upgrade of the Zentyal server to the version 3.2 and after 3.3, this solution didn't work.
Do you know this problem and a possible solution?
Differently, can you suggest a different way to mount network units after the login of the user in an ubuntu client? The most important thing is that each network units have to be mounted with the privilege of the user because each users has different privileges on the units.
For windows clients, I use the command "net use ..." and I need a similiar solution for ubuntu clients.
Thanks a lot