[Samba] Samba 3.0alpha23 problems

Jordan, Shane sjordan at akili.com
Tue May 13 21:26:29 GMT 2003

Ok guys I am having some issues with Samba via ADS.

I went to browse a share I setup on my Linux box and it prompted me for a
username and password. This did not work but I found this in the log.winbind

[2003/05/13 16:15:56, 1]
  scanning trusted domain list
[2003/05/13 16:15:56, 1] libsmb/clikrb5.c:krb5_mk_req2(267)
  krb5_cc_get_principal failed (No credentials cache found)
[2003/05/13 16:15:57, 0] libads/kerberos.c:ads_kinit_password(133)
  kerberos_kinit_password HOST/demarc at CORP.DELINEA.COM failed:
Preauthentication failed
[2003/05/13 16:15:57, 1] nsswitch/winbindd_ads.c:ads_cached_connection(69)
  ads_connect for domain CORP failed: Invalid credentials

Now let me shed some light before everyone ask what I did and didn't do :)

I setup and joined the ads server fine via "net ads join" The machine shows
up fine. Also doing a the kinit sjordan at corp.delinea.com goes through
perfect with no errors. I checked the ADS server and the computer demarc
does show as being joined to the ADS server.

Now one odd thing showed up for me:
wbinfo -m
comes up with nothing.

Here is my smb.conf file:

        workgroup = CORP
        netbios name = demarc
        remote announce =
        realm = CORP.DELINEA.COM
        ads server =
        server string = Linux

        security = ADS
        password server = CORPSVCS
        passwd program = /usr/bin/passwd %u
        encrypt passwords = yes
        unix password sync = Yes
        preferred master = No
        local master = No
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        domain master = No
        dns proxy = no
        ldap ssl = no

        winbind separator = +
        winbind uid = 10000-20000
        winbind gid = 10000-20000
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = No
        template homedir = /home/%U
        template shell = /bin/bash

        guest ok = no
        read only = yes
        admin users = CORP+sjordan

I also tried just CORP as the realm and I get the same problem.

One other thing. If I comment out DOMAIN = CORP I can actually do a \\demarc
and I can get access to the shares and they work perfect....when I do this
wbinfo -m shows the following:

Please help or give me some ideas of where to go next. I am totally lost


More information about the samba mailing list