[Samba] Cannot find KDC for requested realm
Aaron Bostick
ABostick at zixcorp.com
Thu Sep 16 22:17:09 GMT 2004
Hi, I am trying to get samba/winbind setup to do active directory
authentication. I am using samba 3.0.7, kerberos 1.3.5, and openldap
2.2.17.
I can kinit and klist just fine. However, when I try to "net ads join
-d10 -Uabostick", I get the error listed below:
[2004/09/16 17:04:26, 3] libads/sasl.c:ads_sasl_spnego_bind(211)
ads_sasl_spnego_bind: got server principal name
=zixit-srv-01s$@MRKTG.ZIXADMIN.COM
[2004/09/16 17:04:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
krb5_cc_get_principal failed (No credentials cache found)
[2004/09/16 17:04:26, 0] libads/kerberos.c:ads_kinit_password(136)
kerberos_kinit_password abostick at MRKTG.ZIXADMIN.COM failed: Cannot
find KDC for requested realm
[2004/09/16 17:04:26, 0] utils/net_ads.c:ads_startup(183)
ads_connect: Cannot find KDC for requested realm
[2004/09/16 17:04:26, 2] utils/net.c:main(792)
return code = -1
I am not using an administrator account but my account has privileges to
add computer accounts, so this shouldn't matter right?
If I run kdestroy and clear my ticket, then run "net ads join" and put
in my password, I get the error, but klist shows no ticket. The net
commands is not getting that far I guess.
Also, like the HOWTO described, I ran kinit, got a ticket. Then I ran
"net ads join" but it still prompts me for as password! It's almost as
if samba is ignoring my kerberos cache. I compiled using --with-krb5
and configure output showed most of the kerberos stuff with yes.
Any ideas on this? Is this a bug or did I build samba incorrectly?
Thanks,
Aaron
More information about the samba
mailing list