[Samba] Issues with Samba 3.0.2 on OSX using ADS.
Huyler, Christopher M
CHRISTOPHER.HUYLER at ca.com
Fri Apr 23 19:47:20 GMT 2004
We have a Win2K network at work and I've been trying to integrate my Mac
10.3 machine into the network. It seems that once one thing is working,
something else is not. I have read through various Mac tutorials found
on the web but none seem to solve my problem.
Right now I have Active Directory Domain Logons working successfully but
Samba will not allow anyone (from Mac/Unix/Windows) to connect. I keep
getting the following entries in the /var/log/samba/log.smbd log:
[2004/04/23 15:07:03, 0]
/SourceCache/samba/samba-56/samba/source/smbd/server.c:main(747)
smbd version 3.0.2 started.
Copyright Andrew Tridgell and the Samba Team 1992-2004
[2004/04/23 15:07:19, 1]
/SourceCache/samba/samba-56/samba/source/smbd/sesssetup.c:reply_spnego_k
erberos(173)
Failed to verify incoming ticket!
I can't figure it out. I'm positive that Kerberos is configured
correctly because I can run kinit and klist successfully and I can log
in using my domain account. Here is some more info:
[root at usfrosx1 root]# net ads leave -S usildc03 -U huych02%xxxxxxxx
Removed 'USFROSX1' from realm 'CA.COM'
[root at usfrosx1 root]# net ads testjoin -S usildc03 -U huych02%xxxxxxxx
[2004/04/23 15:33:27, 0]
/SourceCache/samba/samba-56/samba/source/libads/kerberos.c:ads_kinit_pas
sword(133)
kerberos_kinit_password USFROSX1$@CA.COM failed: Client not found in
Kerberos database
Join to domain is not valid
[root at usfrosx1 root]# net ads join -S usildc03 -U huych02%xxxxxxxx
[2004/04/23 15:33:42, 0]
/SourceCache/samba/samba-56/samba/source/libads/ldap.c:ads_add_machine_a
cct(1086)
Warning: ads_set_machine_sd: Unexpected information received
Using short domain name -- TANT-A01
Joined 'USFROSX1' to realm 'CA.COM'
[root at usfrosx1 root]# net ads testjoin -S usildc03 -U huych02%xxxxxxxx
Join is OK
After all that, I still get the reply_spnego_kerberos(173) errors. Any
help would be appreciated, I have searched the net up and down and
nothing seems to help. Below is a copy of my smb.conf file for
reference:
[global]
netbios name = usfrosx1
workgroup = TANT-A01
server string = Mac OS X
security = ads
realm = CA.COM
password server = USILDC03 USILDC05
encrypt passwords = yes
use spnego = yes
client use spnego = yes
printer admin = @admin, @staff
unix charset = UTF-8-MAC
display charset = UTF-8-MAC
dos charset = 437
guest account = unknown
level2 oplocks = no
[homes]
comment = User Home Directories
browseable = no
read only = no
[public]
path = /tmp
public = yes
writable = no
printable = no
[printers]
path = /tmp
printable = yes
More information about the samba
mailing list