I've a problem with Samba 4 and Kerberos. If I call kinit, it writes Client not found in Kerberos database while getting initial credentials. I find out, that the Kerberos works with user name only, but the system identifies all domain users with the domain name and backslash as prefix and Kerberos doesn't like it.
$ ssh user@machine #I don't need the domain name while logging in
DOMAIN\user@machine$ kinit
# does not work
DOMAIN\user@machine$ kinit DOMAIN\user
# does work neither
DOMAIN\user@machine$ kinit user
# works
DOMAIN\user@machine$ id
uid=2010(DOMAIN\user) gid=100(users) skupiny=100(users)
DOMAIN\user@machine$ getent passwd
# all domain users prefixed with 'DOMAIN\'
The same applies on list of files printed by ls -l:
-rw-r--r-- 1 DOMAIN\user users 3392 pro 19 14:46 filename
But when I've look at Samba Wiki, they have user name printed by the command getent passwd without the domain name.
getent passwd
...
Administrator:x:0:100::/home/MATWS/Administrator:/bin/bash
I thing, that this may cause, that kinit does not work and the user has no tickets after login. But I don't know, how to get rid of the domain name prefix, what's wrong or what I'm missing in my configuration.
