[Samba] Cannot find KDC for requested realm while getting initial
credentials
John Kakritz
john.kakritz at gcmail.maricopa.edu
Fri Mar 5 21:09:52 GMT 2004
Have succesfully installed and configured samba on BSD up to the point
of joining the active directory domain.
The command <net ads join -Uadministrator> returned a message saying
that i had "sucessfully joined the domain" and a quick review of my ADDC
shows that my samba server has sucessfully joined and created an object
in AD. The command <wbinfo -u> returns a list of AD domain accounts.
At this point things break down and it seems to be a kerberos problem.
I'm the original/eternal BSD noob, any thoughts as to what i'm doing wrong?
Error messages:
su-2.05b# ./smbclient -L localhost -Uadministrator
session setup failed: NT_STATUS_LOGON_FAILURE
_______________
su-2.05b# kinit administrator at adtest.gc.maricopa.edu
kinit(v5): Cannot find KDC for requested realm while getting initial
credentials
_______________
su-2.05b# klist
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
My conf files:
krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = ADTEST.GC.MARICOPA.EDU
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
ADTEST.GC.MARICOPA.EDU = {
kdc = server.adtest.gc.maricopa.edu:88
admin_server = server.adtest.gc.maricopa.edu:749
default_domain = adtest.gc.maricopa.edu
}
[domain_realm]
.adtest.gc.maricopa.edu = ADTEST.GC.MARICOPA.EDU
adtest.gc.maricopa.edu = ADTEST.GC.MARICOPA.EDU
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
smb.conf
[global]
workgroup = ADTEST
netbios name = BURP
realm = ADTEST.GC.MARICOPA.EDU
security = ads
encrypt passwords = yes
password server = server.adtest.gc.maricopa.edu
wins server = server.adtest.gc.maricopa.edu
name resolve order = lmhosts host wins bcast
log file = /var/log/samba/%m.log
server string = FreeBSD Samba Server
log level = 2
# socket options = TCP_NODELAY SO_SNDBUF=2000 SO_RCVBUF=2000
#New test options
#winbind separator = .
winbind cache time = 10
winbind enum users = yes
winbind enum groups = yes
#winbind use default domain = yes
template shell = /bin/bash
template homedir = /home/%D/%U
idmap uid = 10000-20000
idmap gid = 10000-20000
#============================ Share Definitions
==============================
More information about the samba
mailing list