[Samba] Kerberos: Principal may not act as server ERROR
Aggarwal, Ajay
Ajay.Aggarwal at stratus.com
Thu Jul 29 10:55:02 MDT 2010
Our environment: samba4 (alpha12) running on centos 5.4.
We are experimenting with Hyper-V 2008 R2 Failover Clustering, which
requires Active Directory. We are trying to see if samba-4 will work as
the AD server. We are trying to create 2 node failover cluster. Both
nodes have joined the domain successfully (with samba-4 as the DC). But
subsequent steps of creating the "Failover Cluster" are failing and we
see following error in samba log
Kerberos: TGS-REQ administrator at SAMBALIME.STRATUS.COM from
ipv4:10.90.0.87:49614 for Administrator at SAMBALIME.STRATUS.COM
[canonicalize, renewable, forwardable]
Kerberos: Principal may not act as server --
Administrator at SAMBALIME.STRATUS.COM
Kerberos: Failed building TGS-REP to ipv4:10.90.0.87:49614
Terminating connection - 'kdc_tcp_call_loop:
tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED'
single_terminate: reason[kdc_tcp_call_loop: tstream_read_pdu_blob_recv()
- NT_STATUS_CONNECTION_DISCONNECTED]
Is something wrong with our configuration (smb.conf)?
-Ajay
More information about the samba
mailing list