[Samba] Samba 4 kerberos and kinit

Michael Wood esiotrot at gmail.com
Fri Jan 13 15:46:15 MST 2012


On 13 January 2012 14:00, steve <steve at steve-ss.com> wrote:
[...]
> OK
> Getting somewhere. I've got rid of the Kerberos: Server not found in
> database: krbtgt/SITE at HH3.SITE error.
>
> Now samba 4 is giving me this:
>
> ldb_wrap open of secrets.ldb
> Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() -
> NT_STATUS_CONNECTION_DISCONNECTED'
> single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() -
> NT_STATUS_CONNECTION_DISCONNECTED]
>
> and /var/log/messages this:
>
> Jan 13 12:19:39 hh3 nslcd[3465]: GSSAPI Error: Unspecified GSS failure.
>  Minor code may provide more information (Credentials cache permissions
> incorrect)

What are the permissions on /usr/local/samba, /usr/local/samba/private
and /usr/local/samba/private/secrets.tdb?  And also your keytab and
the directory it's in.

> Jan 13 12:19:39 hh3 nslcd[3465]: [8b4567] failed to bind to LDAP server
> ldap://localhost: Local error
> Jan 13 12:19:39 hh3 nslcd[3465]: [8b4567] no available LDAP server found
>
> Finally got the new git working. Something must have changed since the last
> checkout I used because I had to comment out the:
>
> sasl_mech GSSAPI
>
> in /etc/nslcd.conf

This is probably related the the above error.  i.e. it's refusing to
use GSSAPI because you have bad permissions somewhere.

-- 
Michael Wood <esiotrot at gmail.com>


More information about the samba mailing list