[Samba] Cannot find KDC for requested realm while getting initial credentials

John Kakritz john.kakritz at gcmail.maricopa.edu
Fri Mar 5 21:09:52 GMT 2004


Have succesfully installed and configured samba on BSD up to the point 
of joining the active directory domain.

The command <net ads join -Uadministrator> returned a message saying 
that i had "sucessfully joined the domain" and a quick review of my ADDC 
shows that my samba server has sucessfully joined and created an object 
in AD.  The command <wbinfo -u> returns a list of AD domain accounts.  
At this point things break down and it seems to be a kerberos problem.

I'm the original/eternal BSD noob, any thoughts as to what i'm doing wrong?

Error messages:
su-2.05b# ./smbclient -L localhost -Uadministrator
session setup failed: NT_STATUS_LOGON_FAILURE

_______________
su-2.05b# kinit administrator at adtest.gc.maricopa.edu
kinit(v5): Cannot find KDC for requested realm while getting initial 
credentials

_______________
su-2.05b# klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached

My conf files:
krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = ADTEST.GC.MARICOPA.EDU
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 ADTEST.GC.MARICOPA.EDU = {
  kdc = server.adtest.gc.maricopa.edu:88
  admin_server = server.adtest.gc.maricopa.edu:749
  default_domain = adtest.gc.maricopa.edu
 }

[domain_realm]
 .adtest.gc.maricopa.edu = ADTEST.GC.MARICOPA.EDU
 adtest.gc.maricopa.edu = ADTEST.GC.MARICOPA.EDU

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }

smb.conf
[global]

   workgroup = ADTEST
   netbios name = BURP
   realm = ADTEST.GC.MARICOPA.EDU
   security = ads
   encrypt passwords = yes
   password server = server.adtest.gc.maricopa.edu
   wins server = server.adtest.gc.maricopa.edu
   name resolve order = lmhosts host wins bcast
   log file = /var/log/samba/%m.log
   server string = FreeBSD Samba Server
   log level = 2
#  socket options = TCP_NODELAY SO_SNDBUF=2000 SO_RCVBUF=2000
#New test options
#winbind separator = .
winbind cache time = 10
winbind enum users = yes
winbind enum groups = yes
#winbind use default domain = yes
template shell = /bin/bash
template homedir = /home/%D/%U
idmap uid = 10000-20000
idmap gid = 10000-20000

#============================ Share Definitions 
==============================




More information about the samba mailing list