[Samba] smbd/sesssetup.c:reply_spnego_kerberos(173) Failed to
verify incoming ticket!
joysn at gmx.net
joysn at gmx.net
Tue Feb 1 22:04:49 GMT 2005
Hello!
i have troubles to connect to a samba 3.0.10 which is configured
to be an AD domain member using it's netbios name rather than it's
ip address from a windows 2000 professionall machine with sp4
installed.
the ADS is a w2k server with sp4.
i use MIT kerberos 1.3.6 on a debian sarge machine, which sould not
require a krb5.conf as found in the samba howto collection.
i have read some postings with the same subject, but i didn't get a
solution from the answers given.
smb.conf:
[global]
netbios name = server-samba
security = ADS
realm = BS1.ADS.LOCAL
password server = w2k-srv.bs1.ads.local
client use spnego = yes
use spnego = yes
workgroup = BS1_ADS
server string = %h server (Samba %v)
wins server = 192.168.0.100
dns proxy = no
name resolve order = lmhosts host wins bcast
log file = /var/log/samba/log.%m
max log size = 1000
syslog = 0
encrypt passwords = true
passdb backend = tdbsam guest
obey pam restrictions = no
invalid users = root
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
template home dir = /home/%U
winbind separator = +
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
[data]
comment = Test
path = /tmp
read only = yes
/etc/hosts:
127.0.0.1 localhost.localdomain localhost debian
192.168.0.100 w2k-srv.bs1.ads.local w2k-srv
i use the ADS as dns server in resolv.conf.
when connecting using the ip address of the samba machine all works
fine, but when i use the netbios name i always get a login dialog...
whats wrong with this setup?
thx,
Joysn
--
"The greatest proof that intelligent life other that humans exists in
the universe is that none of it has tried to contact us!"
More information about the samba
mailing list