[Samba] Windows 2003 SP1 breaks kerberos on samba?
Stuart Westbury
stuart at r3wt.net
Fri Apr 15 03:19:48 GMT 2005
Hi All,
I am in no way a samba expert, but we recently joined a FC3 machine to a
windows 2003 domain using ADS. Kerberos worked perfectly in both
directions until we approved the windows 2003 server SP1 update.
After this, we could still use wbinfo -g, wbinfo -u, wbinfo -t etc, but
chowning files refused to work "invalid user". You also could not
authenticate against the samba shares on the machine. The log files showed
entries like this :
[2005/04/15 12:37:38, 1] nsswitch/winbindd_group.c:winbindd_getgrnam(298)
group Domain Admins in domain OURDOMAIN does not exist
NTLM auth continues to work (this is our squid proxy server), but all else
was quite broken. Is this something we did incorrectly or have others
experienced this? As soon as SP1 was rolled back on the server, things
became peachy again.
Any thoughts?
Cheers,
Stuart
More information about the samba
mailing list