[Samba] samba v3b3, SuSE 8.0 enterprise, heimdal 0.6, openssl ADS issues

Brian Otto ottob at dteenergy.com
Wed Aug 13 17:51:47 GMT 2003 

Hi again all,

I'm trying to get samba 3b3 working with ADS on Suse 8.0 enterprise.
I've installed heimdal kerberos 0.6 with openldap support.

Now when I did that, I used the configure options of:

./configure --with-openldap=/usr/local/bin
--with-openldap-include=/usr/local/include
--with-openldap-lib=/usr/local/lib --enable-shared=yes

there's another config option of --with-openldap-config  with a note of
"ldap config utility"  What the devil is that?  I can't seem to find any
info on it, so am not sure if that's my problem.

Anyway, when compiling samba v3b3 I get this error:

Compiling libsmb/clikrb5.c
libsmb/clikrb5.c: In function `krb5_princ_component':
libsmb/clikrb5.c:398: warning: assignment discards qualifiers from
pointer target type
Compiling libsmb/clispnego.c with -fPIC

looks dangerous.

Than when I try a net ads join, I get:

linux:/home/packages/samba-3.0.0beta3/source # bin/net ads join -U
administrator at DOMAIN.com
administrator at DOMAIN.com password:
[2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267)
  krb5_cc_get_principal failed (No such file or directory)
[2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274)
  krb5_get_credentials failed for ads-server$@DOMAIN.COM (Unknown error
-1765328343)
[2003/08/13 13:04:14, 1] utils/net_ads.c:ads_startup(176)
  ads_connect: Server is unavailable

Now, the fix for the same problem under BSD (thanks to WIll Froning) is
to compile kerberos with ldap support, which is why I'm not sure if the
kerberos is compiling ok.

Also, when I compile samba 3b1, I don't get the compile error and the
"net ads" error is:

suseserver2:/var/log/samba # net ads join  -U administrator at DOMAIN.COM
administrator at DOMAIN.COM password:
[2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267)
  krb5_cc_get_principal failed (No such file or directory)
[2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274)
  krb5_get_credentials failed for ads-server$@DOMAIN.COM (Unknown error
2529638927)
[2003/08/13 10:14:26, 0] libads/ldap.c:ads_join_realm(1352)
  Host account for suseserver2 already exists - deleting old account
[2003/08/13 10:14:26, 1] libads/krb5_setpw.c:ads_krb5_set_password(529)
  krb5_get_credentials failed (Unknown error 2529638927)
ads_set_machine_password: Unknown error 2529638927

Notice, it actually lets me add the machine!  Also, either machine, the
'net ads lookup' command works fine, as does klist, and kinit.

Any ideas?

Many thanks

-Brian Otto
--
The opinions expressed herein are my own and do not necessarily reflect
those of my employers

More information about the samba mailing list