[Samba] Auth errors with winbind on member server with Native AD
Paul_Krash
codesup at alonsystems.com
Mon Apr 18 18:47:49 GMT 2005
John Stile wrote:
> So many people have posted this problem!
> The steps to debug need to be in a FAQ.
>
> The short question is:
> Can there be a disconnect between the short and long REALM names,
> leading to winbind-to-AD authentication errors? and How do I fix it?
Read this 1st (if you have not already).
http://us1.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html
I am assuming W2K3 server, your realm mapping in krb5.conf
looks fine. However, conversion from krb4 is not necessary.
What do the Windows Server Logs say?
Other thing I though might help:
in nsswitch.conf change to:
passwd: files winbind
shadow: files nisplus nis
group: files winbind
hosts: files dns winbind
bootparams: nisplus [NOTFOUND=return] files
ethers: files
netmasks: files
networks: files
protocols: files
rpc: files
services: files
netgroup: nisplus
publickey: nisplus
automount: files winbind nisplus
aliases: files nisplus
Best,
PKrash
More information about the samba
mailing list