Samba 3.0 Alpha22 + AD Domain, RedHat Kerberos Problems

ODC odc-public at hotpop.com
Tue Mar 11 00:44:55 GMT 2003 

Hi all,

I'm not sure if this is the proper list to send to, but I figure this is 
it since I'm dealing with the beta software.

Anyway, I have compiled Samba 3.0 Alpha 22 and would like to run it as a 
  file server that authenticates AD logins to the W2K Domain Server.

I have gotten though all the steps I can think of, and kinit user at REALM 
works properly.

However, now is the acid test -- when I go \\LINUXSERVER\ from a domain 
connected workstation, it keeps rejecting the login and giving me the 
username/password box.

When looking at the log files, I noticed this (could it be a problem 
with the Kerberos code ?)

[2003/03/10 14:49:46, 3] smbd/sesssetup.c:reply_sesssetup_and_X_spnego(402)
   Doing spnego session setup
[2003/03/10 14:49:46, 3] smbd/sesssetup.c:reply_spnego_negotiate(316)
   Got OID 1 2 840 48018 1 2 2
[2003/03/10 14:49:46, 3] smbd/sesssetup.c:reply_spnego_negotiate(316)
   Got OID 1 2 840 113554 1 2 2
[2003/03/10 14:49:46, 3] smbd/sesssetup.c:reply_spnego_negotiate(316)
   Got OID 1 3 6 1 4 1 311 2 2 10
[2003/03/10 14:49:46, 3] smbd/sesssetup.c:reply_spnego_negotiate(323)
   Got secblob of size 1466
[2003/03/10 14:49:46, 3] libads/kerberos_verify.c:ads_verify_ticket(124)
   krb5_rd_req with auth failed (Bad encryption type)
[2003/03/10 14:49:46, 1] smbd/sesssetup.c:reply_spnego_kerberos(167)
   Failed to verify incoming ticket!
[2003/03/10 14:49:46, 3] smbd/error.c:error_packet(94)
   error string = No such file or directory
[2003/03/10 14:49:46, 3] smbd/error.c:error_packet(113)
   error packet at smbd/sesssetup.c(169) cmd=115 (SMBsesssetupX) 
NT_STATUS_LOGON_FAILURE

I have attached 2 logs and a strace file of smbd if that may help.

Any suggestions to get this working for domain authentication would be 
*greatly* appreciated.

Thank you.

ps. I should be on the mailing list, but could you pelase CC: to my 
address if you respond.

Thanks again.

-- 
ODC <odc-public at hotpop.com>
Public E-Mail Drop
*Hotpop is known to have unreliable servers, please resend if needed*
*Please no more than 500kb per message*

-------------- next part --------------
A non-text attachment was scrubbed...
Name: logs.tar.bz2
Type: application/octet-stream
Size: 41873 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030310/b8d8e2ac/logs.tar.obj

More information about the samba-technical mailing list