[Samba] Kerberos negotion error? reply_spnego_kerberos(250)
Ryan.Worthington at westam.com
Ryan.Worthington at westam.com
Fri Jan 14 15:41:45 GMT 2005
On Thu, 2005-01-13 at 11:04 -0600, Ryan.Worthington at westam.com wrote:
>> Good morning everyone,
>>
>> I have had Samba 3.0.9 running on Solaris, connected to a Windows AD
>> domain for a couple of weeks now, and i've suddenly started getting the
>> following errors:
>>
>> [2005/01/07 11:31:55, 1] smbd/sesssetup.c:reply_spnego_kerberos(250)
>> Username <domain>\IT075$ is invalid on this system
>>
>So, are you running winbindd, and is it really Samba 3.0.9? These are
>requests for machine accounts, as the local system service is performing
>a network activity. Winbindd has been providing these accounts for a
>number of versions now. If you don't run winbindd, then it's your
>responsibility to provide all the equivalent accounts.
>
>Andrew Bartlett
Yes, this is really version 3.0.9 according to wbinfo -V
As it turns out, winbindd wasn't running. Doesn't it start automatically?
If not, how would I ensure that it does?
Also, I've been reading on winbindd, and I'm wondering if its really
necessary for what I want to accomplish. All I'm trying to do is allow
Windows hosts to access files on a Unix (Solaris) server. I don't want my
users logging on to the servers with their Windows credentials. With this
in mind, is it necessary to configure nsswitch.conf? When you mention
machine accounts, are you saying its necessary to create accounts for each
machine in smbpasswd?
Please forgive my ignorance, Samba is brand new to me.
--
Ryan Worthington
Systems and Network Analyst
"Difficile est satiram non scribere."
This message is confidential and may be privileged. It is
intended solely for the named addressee. If you are not the
intended recipient please inform us. Any unauthorised
dissemination, distribution or copying hereof is prohibited.
As we cannot guarantee the genuineness or completeness of
the information contained in this message, the statements
set forth above are not legally binding.
More information about the samba
mailing list