[Samba] samba v3b3, SuSE 8.0 enterprise, heimdal 0.6, openssl ADS issues

C.Scheeder christoph.scheeder at scheeder.de
Thu Aug 14 06:26:12 GMT 2003 

Hi,
i'm not shure if this still applys to 3.0b3 but in 
samba/docs/html-docs/Samba-HOWTO-Collection.html#ads-member there is stated:

Compiling samba with Active Directory support
In order to compile samba with ADS support, you need to have installed 
on your system:
- the MIT kerberos development libraries(...). the HEIMDAL libraries 
will NOT work.
- .....

does this ring some bells in your head?

Brian Otto wrote:
> Hi again all,
> 
> I'm trying to get samba 3b3 working with ADS on Suse 8.0 enterprise.
> I've installed heimdal kerberos 0.6 with openldap support.
> 
> Now when I did that, I used the configure options of:
> 
> ./configure --with-openldap=/usr/local/bin
> --with-openldap-include=/usr/local/include
> --with-openldap-lib=/usr/local/lib --enable-shared=yes
> 
> there's another config option of --with-openldap-config  with a note of
> "ldap config utility"  What the devil is that?  I can't seem to find any
> info on it, so am not sure if that's my problem.
> 
> Anyway, when compiling samba v3b3 I get this error:
> 
> Compiling libsmb/clikrb5.c
> libsmb/clikrb5.c: In function `krb5_princ_component':
> libsmb/clikrb5.c:398: warning: assignment discards qualifiers from
> pointer target type
> Compiling libsmb/clispnego.c with -fPIC
> 
> looks dangerous.
> 
> Than when I try a net ads join, I get:
> 
> linux:/home/packages/samba-3.0.0beta3/source # bin/net ads join -U
> administrator at DOMAIN.com
> administrator at DOMAIN.com password:
> [2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267)
>   krb5_cc_get_principal failed (No such file or directory)
> [2003/08/13 13:04:14, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274)
>   krb5_get_credentials failed for ads-server$@DOMAIN.COM (Unknown error
> -1765328343)
> [2003/08/13 13:04:14, 1] utils/net_ads.c:ads_startup(176)
>   ads_connect: Server is unavailable
> 
> Now, the fix for the same problem under BSD (thanks to WIll Froning) is
> to compile kerberos with ldap support, which is why I'm not sure if the
> kerberos is compiling ok.
> 
> Also, when I compile samba 3b1, I don't get the compile error and the
> "net ads" error is:
> 
> suseserver2:/var/log/samba # net ads join  -U administrator at DOMAIN.COM
> administrator at DOMAIN.COM password:
> [2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(267)
>   krb5_cc_get_principal failed (No such file or directory)
> [2003/08/13 10:14:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(274)
>   krb5_get_credentials failed for ads-server$@DOMAIN.COM (Unknown error
> 2529638927)
> [2003/08/13 10:14:26, 0] libads/ldap.c:ads_join_realm(1352)
>   Host account for suseserver2 already exists - deleting old account
> [2003/08/13 10:14:26, 1] libads/krb5_setpw.c:ads_krb5_set_password(529)
>   krb5_get_credentials failed (Unknown error 2529638927)
> ads_set_machine_password: Unknown error 2529638927
> 
> Notice, it actually lets me add the machine!  Also, either machine, the
> 'net ads lookup' command works fine, as does klist, and kinit.
> 
> Any ideas?
> 
> Many thanks
> 
> -Brian Otto
> --
> The opinions expressed herein are my own and do not necessarily reflect
> those of my employers
> 
> 
>

More information about the samba mailing list