[Samba] Re: Authentication against AD?
Jason Gerfen
jason.gerfen at scl.utah.edu
Wed Sep 14 17:26:53 GMT 2005
Jason Gerfen wrote:
> <snippit>
>
>> dns_lookup_realm = true
>> dns_lookup_kdc = true
>> default_tkt_enctypes = des-cbc-crc des-cbc-md5
>> default_tgs_enctypes = des-cbc-crc
>>
>>
> I have added these options to my krb5.conf per your suggestion
>
>> Note the default enctypes. Seems in the way back I was getting
>> errors; adding these fixed that. Others may disagree, and YMMV.
>>
>> Dimitri
>>
>>
>
> I have the following services running smbd, nmbd & winbindd. Here are
> snippits of the logs log.nmbd, log.smbd and log.winbind
>
> log.winbind
> [2005/09/14 10:38:06, 1] nsswitch/winbindd.c:main(864)
> winbindd version 3.0.13-1.1-SUSE started.
> Copyright The Samba Team 2000-2004
> [2005/09/14 10:38:08, 1]
> nsswitch/winbindd_ads.c:ads_cached_connection(81)
> ads_connect for domain SCL.UTAH.EDU failed: No such file or directory
>
> log.smbd
> [2005/09/14 11:03:04, 0] printing/print_cups.c:cups_cache_reload(85)
> Unable to connect to CUPS server localhost - Connection refused
> [2005/09/14 11:03:04, 0] printing/print_cups.c:cups_cache_reload(85)
> Unable to connect to CUPS server localhost - Connection refused
> ** I am not running cups
>
> log.nmbd
> add_domain_logon_names:
> Attempting to become logon server for workgroup SCL.UTAH.EDU on
> subnet 192.168.0.3
> [2005/09/14 10:38:12, 0]
> nmbd/nmbd_logonnames.c:become_logon_server_success(124)
> become_logon_server_success: Samba is now a logon server for
> workgroup SCL.UTAH.EDU on subnet 192.168.0.3
> [2005/09/14 10:43:48, 0]
> nmbd/nmbd_become_lmb.c:become_local_master_stage2(396)
> *****
>
> Samba name server ODIN-NEWB is now a local master browser for
> workgroup DOMAIN.Com on subnet 192.168.0.3
>
> *****
>
> I am still not able to authenticate against the domain, any other
> suggestions?
>
If it helps any this is the response from wbinfo
%> wbinfo -m
BUILTIN
the -t and -u options return errors as well:
jason at odin-newb:~> sudo wbinfo -m
BUILTIN
jason at odin-newb:~> sudo wbinfo -t
checking the trust secret via RPC calls failed
error code was NT_STATUS_PIPE_NOT_AVAILABLE (0xc00000ac)
Could not check secret
jason at odin-newb:~> sudo wbinfo -u
Error looking up domain users
--
Jason Gerfen
Student Computing Labs, University Of Utah
jason.gerfen at scl.utah.edu
J. Willard Marriott Library
295 S 1500 E, Salt Lake City, UT 84112-0860
801-585-9810
"My girlfriend threated to
leave me if I went boarding...
I will miss her."
~ DIATRIBE aka FBITKK
More information about the samba
mailing list