[Samba] NFSV4 Client setup problem
L.P.H. van Belle
belle at bazuin.nl
Tue Dec 1 08:24:21 UTC 2015
- check your resolv.conf, make sure your Samba AD the first nameservers
- check if you resolv.conf search, has, search india.local
- is the time in sync with the DC?
- on debian, a login as "Administrator" (if mapped to root) wont work. ( or remove the mini
- in general, dont give Administrator a UID/GID
- in general, dont use Administrator for ssh logins, but thats a choice, beter is, create a new user, and give that one admin rights.
And have a look in to this script, works good on wheezy.
With above you can login without a password, but no tgt ticket is generated.
for fix that, add "kinit -f -p" in the bashrc
> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens VigneshDhanraj G
> Verzonden: dinsdag 1 december 2015 8:18
> Aan: samba-technical at lists.samba.org; samba at lists.samba.org
> Onderwerp: [Samba] NFSV4 Client setup problem
> I tried to bring up nfsv4 client setup, but when i joining AD server from
> my LINUX machine i always get below error
> "kinit succeeded but ads_sasl_spnego_krb5_bind failed: Server not found in
> Kerberos database
> Failed to join domain: failed to connect to AD: Server not found in
> Kerberos database"
> wbinfo -u command gives the user list
> net ads info gives the details of the AD
> when i tried to login from AD administrator user i am not able to login
> using ssh.
> i am using debian wheezy as client and windows 2003 Server as AD.
> my samba conf
> security = ADS
> realm = INDIA.LOCAL
> # If the system doesn't find the domain controller automatically, you may
> need the following line
> password server = INDIA.LOCAL
> # note that workgroup is the 'short' domain name
> workgroup = INDIA
> # winbind separator = +
> winbind refresh tickets = yes
> winbind enum users = yes
> winbind enum groups = yes
> template homedir = /home/%D/%U
> template shell = /bin/bash
> client use spnego = yes
> client ntlmv2 auth = yes
> encrypt passwords = yes
> winbind use default domain = yes
> restrict anonymous = 2
> kerberos method = secrets and keytab
> dedicated keytab file = /etc/krb5.keytab
> name resolve order = lmhosts host
> could anyone help regarding this?
> Vigneshdhanraj G
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba