[Samba] objectClass:posixAccount missing
steve
steve at steve-ss.com
Fri Aug 30 11:43:40 MDT 2013
On Fri, 2013-08-30 at 19:21 +0200, Luca Olivetti wrote:
> Al 30/08/13 18:54, En/na steve ha escrit:
>
> > Bueno, a ver:
> > We can say for certain that /etc/krb5.keytab contains the key for
> > nslcd-connect
> > make sure you have:
> >
> > ldap_sasl_mech = gssapi
> > ldap_sasl_authid = nslcd-connect at WETRON.ES
> > ldap_krb5_keytab = /etc/krb5.keytab
> >
> > (note, I think you had a different keytab in an older post. Lose it.)
>
> Done
>
> >
> > Next, can you resolve the kerberos SRV record:
> > host -t SRV _kerberos._udp.dc1.wetron.es.
>
> It doesn't resolve, but _kerberos._udp.wetron.es. does
>
> _kerberos._udp.wetron.es has SRV record 0 100 88 hp.wetron.es.
>
>
That's good. Sorry, I didn't know your domain or hostnames
> >
> > What do you have for /etc/krb5.conf
>
> [libdefaults]
> default_realm = WETRON.ES
> dns_lookup_realm = true
> dns_lookup_kdc = true
Remove the [realms] section and change:
dns_lookup_realm = false
(I'm assuming that this is a single DC)
I also have:
cyrus-sasl-32bit
Now go through everything in the thread, clear everything
in /var/lib/sss/db/* and restart sssd. Make sure that nscd is not
running.
HTH
Steve
More information about the samba
mailing list