[Samba] Preauthentication failed errors when trying to join Samba
3.0.14a to a W2k AD OU
Jeremy O'Leary
jeremyol at cesa.office.xerox.com
Wed Aug 24 21:15:24 GMT 2005
Hi all,
I'm trying to add a samba 3.0.14a server (on Solaris 9 w/kerberos5
v1.4.1 & OpenLDAP) to a Windows 2000 AD OU and I'm able to successfully
run "/apps/krb5/bin/kinit username at NA.EXAMPLE.NET" but when I run ...
net ads join "PATH\TO\THE\RIGHT\SUB\OU" I keep getting the
following error message:
libads/kerberos.c:get_service_ticket(337)
get_service_ticket HOSTNAME$@NA.EXAMPLE.NET at NA.EXAMPLE.NET failed:
Preauthentication failed
Here is an example of what I have in my smb.conf file.
security = ads
realm = na.example.net
encrypt passwords = yes
use kerberos keytab = yes
netbios name = havok
workgroup = naex
password server = dc.server1.ip.addr dc.server2.ip.addr
wins server = <ip addr>
I have an unmodified krb5.conf file, klist reports the following.
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: username at NA.EXAMPLE.NET
Valid starting Expires Service principal
08/24/05 14:06:40 08/25/05 00:06:43 krbtgt/NA.EXAMPLE.NET at NA.EXAMPLE.NET
renew until 08/25/05 14:06:40
08/24/05 14:06:56 08/25/05 00:06:43 usaesm1dc01$@NA.EXAMPLE.NET
renew until 08/25/05 14:06:40
08/24/05 14:06:57 08/25/05 00:06:43 kadmin/changepw at NA.EXAMPLE.NET
renew until 08/25/05 14:06:40
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
---
Any suggestions?
thanks,
Jeremy
More information about the samba
mailing list