[Samba] samba4+sssd+centos6
Steve Thompson
smt at vgersoft.com
Thu Aug 16 12:18:58 MDT 2012
As I mentioned before, I have a CentOS 6.3 system using SSSD (only) bound to
the (separate) samba4 DC as an LDAP/krb5 server. Client is using Samba
3.5.10.
I have successfully joined the client to the domain. Keytab is fine,
kerberos works, ldapsearch works, etc. DNS is good. The machine entry in
the DC database looks fine, and the userPrincipleName is correct. However,
any attempt to look up a user (eg with getent, id, ssh login, etc) fails
and leaves this evidence of a failed SASL bind in the client's sssd log:
(Thu Aug 16 13:58:37 2012) [sssd[be[SAMBA4]]] [sasl_bind_send] (0x0100):
Executing sasl bind mech: GSSAPI, user:
host/gulp.icse.cornell.edu at TITAN.TEST.CORNELL.EDU
(Thu Aug 16 13:58:38 2012) [sssd[be[SAMBA4]]] [sasl_bind_send] (0x0020):
ldap_sasl_bind failed (53)[Server is unwilling to perform]
and from the samba log on the DC, it looks as if everything proceeds OK
until the connection is suddenly dropped. I don't see what the reason
for this is; a level 10 log is at:
http://www.cbe.cornell.edu/~smt/samba4.log
(the DC is s6a.titan.test.cornell.edu, and the client is gulp.icse.cornell.edu,
on the same LAN segment. The kerberos realm is TITAN.TEST.CORNELL.EDU).
I'd appreciate it if someone could take a look at this debug log and try
to pinpoint the cause, because I surely can't see it. TIA!
Steve
More information about the samba
mailing list