[Samba] Winbindd on FreeBSD 4.10 Help

Luke Mewburn lukem-samba at mewburn.net
Tue Sep 28 12:03:39 GMT 2004 

On Thu, Sep 23, 2004 at 08:53:22AM -0400, Elijah Savage wrote:
  | When I installed this box I specifically installed it for this task and
  | installed linux compatibilty during intstall, the /etc/nsswitch.conf was
  | created and everything. I can join my AD domain as NT4 style but not
  | with ADS which is strange and it works with NT4 style as long as the
  | usernames are local to the samba machine. It was recommended that I run
  | the latest heimdal 0.6.1 so I mad world last night everything went great
  | and I am running the latest 4.10 stable with heimdal 0.6.1 and I get
  | these errors when I try to join the AD domain as ADS. But if I use the
  | rpc join for nt4 style it joins right up I can see all my shares on the
  | samba box and get to them. One good thing out of all this it is on a lab
  | LAN so I am glad I got a chance to test it before trying to implement
  | it. 
  | 
  | ns1# kinit Administrator at DIGITALRAGE
  | FreeBSD Inc. (luke.digitalrage.org)
  | Kerberos Initialization for "Administrator at DIGITALRAGE"
  | Password: 
  | kinit: Can't send request (send_to_kdc)

Try k5init instead of kinit, And k5list/k5destroy/...
("mmm, FreeBSD" . . . )


  | ns1# net ads join -U Administrator%XXXXXX
  | [2004/09/23 07:15:57, 0] libads/kerberos.c:ads_kinit_password(136)
  |   kerberos_kinit_password Administrator at DIGITALRAGE.LOCAL failed:
  | Unknown error -1765328228
  | [2004/09/23 07:15:57, 0] utils/net_ads.c:ads_startup(183)
  |   ads_connect: Unknown error -1765328228

According to
	http://www.net.berkeley.edu/kerberos/k5msgs.html
error -1765328228 is
	Cannot contact any KDC for requested realm.



I know that on NetBSD 2.0_RC1 (which has Heimdal 0.6.3) with Samba 3.0.7
I can do
	% kinit Administrator at SOME.REALM
	(enter password; note that kinit on NetBSD is krb5 kinit)
	% net ads join -U Administrator
and the computer account gets created in the ADS.

Also, once this is done I can kinit as a user of the realm and use
'smbclient -k -L //someserver/' and things Just Work.

I'm still working on getting libnss_winbind.so ported to NetBSD-current,


Luke.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 186 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba/attachments/20040928/11f11642/attachment.bin

More information about the samba mailing list