winbind/kerberos with multiple DCs fail to authenticate
Gerald (Jerry) Carter
jerry at samba.org
Fri Jul 25 20:40:25 GMT 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Fri, 25 Jul 2003, Adrian Chung wrote:
> Well, I've just done some more testing, and with both DC's in my
> krb5.conf and both listed in 'password server =', everything's working
> just fine.
>
> I apologize for the interruption. I've been having intermittent
> trouble with winbindd just suddenly refusing to authenticate AD users
> until it's restarted, but I'm going to try and collect a level 3 log
> to see if it will shed more light on the situation. I notice that
> when it happens, wbinfo --sequence says "DOMAIN: disconnected" instead
> of a sequence number, although it can still query either the users or
> groups in the domain, but usually not both, and wbinfo -t works fine.
Are you working out of the 3.0 CVS code tree? I'm cleaning up small
things as I find them and there were a couple related to winbindd and AD
recently. Mostly with locating domain controllers for trusted doamins.
cheers, jerry
----------------------------------------------------------------------
Hewlett-Packard ------------------------- http://www.hp.com
SAMBA Team ---------------------- http://www.samba.org
GnuPG Key ---- http://www.plainjoe.org/gpg_public.asc
"You can never go home again, Oatman, but I guess you can shop there."
--John Cusack - "Grosse Point Blank" (1997)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/
iD8DBQE/IZW5IR7qMdg1EfYRApjZAJ4uM0lGy6MFP9swYWqDoOGpL62auACgz2Jb
qZAvbDyFF7DmJFzKnjGVpwk=
=fUAH
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list