[Samba] AD member server setup with winbind idmap_rid - usersprom pted fo r password

Geoffrey Scott geoffs at guestshire.com
Tue Jan 3 02:15:39 GMT 2006

Geoffrey Scott wrote:
> Question:
> How can I stop users from being prompted for a password?
> secrets.tdb doesn't get created.
Answering my own post.....  Secrets.tdb gets created but for some reason in

The logs repeatedly show this:
[2005/12/30 15:00:38, 1] smbd/sesssetup.c:reply_spnego_kerberos(180)
  Failed to verify incoming ticket!

Jerry posted a comment about this here, to him it seems that secrets.tdb was
not found:

He asked what does smbd -b | grep PRIVATE  show.  For me this is it:

   PRIVATE_DIR: /etc/samba

So, what creates secrets.tdb when you net ads join?  I ask as I am running
the Samba teams .debs for Sarge on a Ubuntu-server box.  Would there be a
mismatch because of this or has Simo, the samba package maintainer made a
tiny boo-boo?  I will create a symlink to get around the problem.  But will
an updated package change this and cause me difficulties?

> These things work:
> root# net ads testjoin
> Join is OK
> wbinfo -t or -u or -g  all show what they are supposed to show.

Regards Geoff

More information about the samba mailing list