[Samba] Problems joining Samba4 domain
Rowland Penny
rowlandpenny at googlemail.com
Sun Oct 13 07:29:03 MDT 2013
On 13/10/13 14:01, X-Dimension wrote:
> After some minutes the problem exists again! :(
> I' can't login anymore as an domain user and i can't join other
> clients to the
> Samba4 domain.
> After restart the Server it looks like it works again, but some
> minutes later
> i ran into the same problems.
>
> What goes wrong?
>
>
> Am 13.10.2013 14:27, schrieb X-Dimension:
>> I have fixed this problem by changing the following line in
>> /etc/krb5.conf
>>
>> from
>>
>> dns_lookup_realm = false
>>
>> to
>>
>> dns_lookup_realm = true
>>
>> Why must i change this line?
>> When provisioning Samba4 the first time krb5.conf is generated
>> automatically with the option "dns_lookup_realm = false".
>>
>>
>> Am 14.09.2013 23:28, schrieb X-Dimension:
>>> Hi!
>>>
>>> I've installed Samba4 like described here on Ubuntu 12.04.3
>>>
>>> http://www.matrix44.net/cms/notes/gnulinux/samba-4-ad-domain-with-ubuntu-12-04
>>>
>>>
>>> DNS with BIND_DLZ backend seems to work and i can add DNS records
>>> without a problem with Microsoft RSAT.
>>>
>>> When i try kinit on the server i get the following:
>>>
>>> root at PDC:~# kinit administrator
>>> Password for administrator at MYDOMAIN.LAN:
>>>
>>> -> Works fine
>>>
>>> root at PDC:~# kinit administrator at MYDOMAIN.LAN
>>> Password for administrator at MYDOMAIN.LAN:
>>>
>>> -> Works fine
>>>
>>> root at PDC:~# kinit administrator at mydomain.lan
>>> Password for administrator at mydomain.lan:
>>> kinit: KDC reply did not match expectations while getting initial
>>> credentials
>>>
>>> -> Don't work
>>>
>>> When i try to join a Windows 7 Professional client to my domain, i
>>> get this:
>>>
>>> 1. Joining as user "administrator" to domain "mydomain" or
>>> "MYDOMAIN" or "mydomain.lan" or "MYDOMAIN.LAN"
>>> -> wrong username or password
>>>
>>> 2. Joining as user "administrator at mydomain" to domain "mydomain"
>>> -> works fine
>>> But after a reboot i can't login as "administrator at mydomain" and i
>>> get wrong username and password
>>>
>>> My krb5.conf looks like this:
>>>
>>> [libdefaults]
>>> default_realm = MYDOMAIN.LAN
>>> dns_lookup_realm = false
>>> dns_lookup_kdc = true
>>>
>>> What goes wrong here?
>>>
>>> Thanks for help!
>>>
>>>
>>
>
Just how closely did you follow the webpage you posted in your OP? , it
seems to be using the standard samba4 packages from Ubuntu, which if I
remember correctly are broken. Also there is a howler on the webpage you
posted, you are advised to create a share called [global] , this is the
standard top share that you will find in any smb.conf.
I would advise you to compile samba4 yourself, it is easy, see here:
https://wiki.samba.org/index.php/Build_Samba
I would also suggest that you use the latest tarball (4.1.0)
Rowland
More information about the samba
mailing list