[Samba] Samba ADS ticket problem
ram dass
mailtodazz at yahoo.com
Mon Mar 14 05:01:09 GMT 2005
I've got samba-3.0.0-14.3E, and am trying to connect
to a
Windows 2000 domain using security = ADS
After following the instructions in the
Samba-HOWTO-Collection, I've got
kinit working, and am able to browse the Windows 2000
machines shares with
smbclient //win2kmixed/c\$ -k without a password.
However, if I try to connect to the machine, either
through network
neighborhood or with (on w2k net use *
\\server\share), it fails (asks for
username/password).
The HOWTO says to run klist tickets, which shows no
tickets. It doesn't say
what to do if that happens.
The log files for the machine trying to connect say:
[2003/07/24 14:58:09, 1]
libads/kerberos_verify.c:ads_verify_ticket(69)
failed to fetch machine password
[2003/07/24 14:58:09, 1]
smbd/sesssetup.c:reply_spnego_kerberos(178)
Failed to verify incoming ticket!
smb.conf has:
# Global parameters
[global]
workgroup = DOMAIN
realm = DOMAIN.LOCAL
netbios name = SAM
server string = SAMBA
security = ADS
password server = win2kmixed
log file = /var/log/samba/log.%m
max smbd processes = 1000
socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192
enhanced browsing = No
idmap uid = 10000-12000
idmap gid = 10000-12000
template homedir = /dev/null
template shell = /sbin/nologin
winbind separator = +
create mask = 0700
directory mask = 0700
directory security mask = 0700
max connections = 1000
map archive = No
follow symlinks = No
[share1]
comment = share1
path = /mnt/floppy/share1
write list = DOMAIN+Administrator
read only = No
inherit permissions = Yes
inherit acls = Yes
map acl inherit = Yes
klist tickets returns:
klist: No credentials cache found (ticket cache
FILE:tickets)
klist returns:
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: ADMINISTRATOR at DOMAIN.LOCAL
Valid starting Expires Service
principal
07/24/03 14:18:34 02/25/05 00:18:34
krbtgt/DOMAIN.LOCAL at DOMAIN.LOCAL
07/24/03 14:54:22 02/25/05 00:18:34
mp3box2$@DOMAIN.LOCAL
Even trying to connect from the Linux machine fails
with
[root at mp3box pty/s0] smbclient //mp3box2/share1 -k
session setup failed: NT_STATUS_LOGON_FAILURE
Any help would be appreciated; the documentation here
is not quite clear.
Ramadass
__________________________________
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
http://smallbusiness.yahoo.com/resources/
More information about the samba
mailing list