David Michaels dragon at raytheon.com
Wed Apr 20 18:00:21 GMT 2005

> Michael Wray wrote:
>wbinfo -t fails with the error in subject, and getting sids of groups that 
>aren't BUILTIN fail. Everything else seems to work.  Note: I am not 
>converting my kerberos tickets to krb4, is this necessary?  (It used to work 
>without it..but now it seems not to work.)  I get no errors from kinit. 
>all other wbinfo requests succeed with the exception of looking up the SIDS of 
>groups that aren't BUILTIN.
>I need to get the SIDS for my application.
>net ads testjoin succeeds, as does net rpc testjoin.
>Get the exact same error on 2 different domains, one is 2003 the other is 2000 
>Active Directory on both.

I was seeing this behavior with 3.0.4, server = domain.  "wbinfo -t" 
would usually result in the subject message appearing in the winbind 
error log file, and the secret check would fail.

I modified my "password server =" entry to point to the FQDN of the PDC, 
/and/ the canoniical name of the PDC (hostname only).  After that, 
wbinfo -t returned success, quickly, and repeatedly.  Give that a try?


More information about the samba mailing list