[Samba] AD with MS-DFS
Andrea Lindner-Lorenz
lorenz at rz.rwth-aachen.de
Tue Jul 3 09:37:23 GMT 2007
Hello,
we have installed three samba servers(3.0.25a). All are members in the
same active directory domain (TESTAD). Now I try to set up a new samba
server (Version 3.0.10-1.4E.12.2 , newest version for Sientific Linux
4.4) in front of them which use ms-dfs to forward the request to the
right samba server. This server is an AD member,too.
I find out, that I have to run winbind on the new samba server, because
for every compute node inside the AD I have to create a unix user account.
Everything works if I try to connect to the new samba server from
a) a domain member
b) a member of a trusted domain. But I have to create a unix account for
this member. Winbind does not create this account. Is it possible, that
winbind create this account, too?
c) a compute node outside the domain with a account from a trusted domain
But it does not work from a compute node outside the domain with a
account from the first AD Domain (TESTAD). I get the following error message
inside the smbd logs.
[2007/07/03 10:56:24, 1] smbd/sesssetup.c:reply_spnego_kerberos(173)
Failed to verify incoming ticket!
How can I solve this problem?
Thanks,
Andrea
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5713 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.samba.org/archive/samba/attachments/20070703/68012fd8/smime.bin
More information about the samba
mailing list