[Samba] ADS File Sharing issue

Dege, Robert C. robert.dege at ngc.com
Tue Dec 7 18:52:37 GMT 2004


I have been assigned the gracious honor of migrating all of our linux systems (with samba) from a domain environment to our new fancy schmancy Active Directory environment.  We do not have any intentions of using ADS for login authentication.  We only want to establish a transparent file sharing environment between our linux systems & Windows 2000 systems.  I have been successfully upgrading our RedHat 9.0 systems, until I ran into a problem with the latest system (ralphie).

After configuring the system, when I attempt to access any share on ralphie, I am prompted for a username and password.  This automatically implies a broken connection since the share window should automatically appear.  When checking the samba logs, I found the following error messages:

[2004/12/06 14:36:51, 1] libads/kerberos_verify.c:ads_secrets_verify_ticket(155)
  ads_secrets_verify_ticket: failed to fetch machine password
[2004/12/06 14:36:51, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
  Failed to verify incoming ticket!

here are the steps I followed to upgrade ralphie:

*) Remove old samba-2.x rpms & install samba-3.0.9-1 that I downloaded from the samba site.
*) Upgrade old krb5 rpms to ver. 1.3.4 (I used src RPMS & rebuild them for this machine)
*) Use the tailored krb5.conf file & smb.conf file.
*) modify smb.conf & change netbios name.
*) Add Netbios name to Active Directory (on the Windows side)
*) /usr/kerberos/bin/kinit administrator at COMP.COM --> (was successful)
*) net -Uadministrator ads join --> (was successful)
*) Start samba service.

These steps worked on my other linux systems, so I'm confused why ralphie is not working.  Does anyone have some suggestions or any ideas?


More information about the samba mailing list