[Samba] Cannot authenticate the administrator account
anrdaemon at yandex.ru
Wed Apr 29 13:09:33 MDT 2015
>> Did I simply provision the REALM or domain incorrectly from the start?
>> testparm -v output shows I provided the following:
>> workgroup = INTERNAL
>> realm = EXAMPLE.COM
>> netbios name = SAMBA
> Looks that way to me. Your realm should include the workgroup name:
> It _might_ work if you don't specify the domain when you kinit ("kinit
> Administrator"), since kerberos will normally look up the default domain,
> or use whatever is configured as default in your krb5.conf, but I suspect
> you will have issues with anything that tries to do automatic ticket
Nothing is "SHOULD" as long as the settings follow basic requirements
(single-label NETBIOS domain name, resolvable REALM name).
I.e. I have domains provisioned with "ADS.<netbios domain name>.<tld>"
All works fine, given correct DNS configuration.
With best regards,
Wednesday, April 29, 2015 22:07:19
Sorry for my terrible english...
More information about the samba