[Fwd: Re: [Samba] Authenticating Linux Against AD with Winbind]

James Zuelow James_Zuelow at ci.juneau.ak.us
Tue Oct 10 21:59:38 GMT 2006

samba-bounces+james_zuelow=ci.juneau.ak.us at lists.samba.org wrote:
> Thanks everyone for the help. I'm now a step further. I changed my
> smb.conf with the values James mentioned:
> server = ads
> realm = <our realm>
> I then used a "net ads join" instead of a "net rpc join" and
> I get the
> following:
> Using short domain name -- GARNET
> [2006/10/10 15:40:42, 0] libads/kerberos.c:get_service_ticket(335)
>   get_service_ticket: kerberos_kinit_password TESTMAIL2$@<our
> domain>@<our domain> failed: Client not found in Kerberos database
> free(): invalid pointer 0xb74c43a0!
> free(): invalid pointer 0xbfffcf08!
> Segmentation fault

Try this:

kinit administrator@<our realm>

If you've renamed your builtin domain admin account, change the name.
You should be prompted for the password.

This will jumpstart your kerberos tickets.

You can try rejoining the domain (it doesn't hurt in my experience --
just updates the machine account) and see if you still get the errors.

Usually you only have to do this once - kerberos just sort of works
after you set it up.

James Zuelow....................CBJ MIS (907)586-0236
Network Specialist...Registered Linux User No. 186591

More information about the samba mailing list