[Samba] kinit: Cannot contact any KDC for realm 'MY.LOCAL.' while getting initial credentials

Rowland Penny rowlandpenny241155 at gmail.com
Tue Sep 15 10:21:36 UTC 2015 

On 15/09/15 10:59, Lluís Danés wrote:
>
> 2015-09-15 11:39 GMT+02:00 Rowland Penny <rowlandpenny241155 at gmail.com 
> <mailto:rowlandpenny241155 at gmail.com>>:
>
>     On 15/09/15 09:40, Lluís Danés wrote:
>
>         Well, I downloaded it manually without using git. I've
>         compiled it with the "--with-acl-support" because I thought it
>         was not included as default (I remember that I read it from
>         the wiki that it was said to build samba by yourself if you
>         want to use windows ACL's).
>
>
>     Can you remember just where on the wiki it said that ?
>     You can use distro packages (well except red-hat packages and only
>     then if you want to setup a DC) or the packages from Sernet.
>
>
> I read this wiki 
> https://wiki.samba.org/index.php/Shares_with_Windows_ACLs  This line: 
> "To use the advanced features of Samba, it has to be compiled with ACL 
> support (e. g. RHEL requires the libacl-devel to be installed, when 
> compiling)." confused me.

Would you have understood this better:

To use the advanced features of Samba, it needs to have been compiled 
with ACL support. As far as is known, all available Samba 4 packages are 
compiled in this way. Unfortunately there are no Samba 4 RHEL AD DC 
distro packages available at this time, so if you require to install an 
AD DC on a RHEL based system you will need to compile Samba4 yourself, 
or use the Sernet packages. If you do compile Samba 4, you will need to 
install the relevant libacl development package for your distro (e.g. 
RHEL requires the libacl-devel package to be installed).

Rowland

>
>
>         How can I see the default options before run ./configure?
>
>
>     ./configure --help 
>
>
>     You usually don't have to add anything, unless you need to specify
>     something that isn't a default or is different from the default
>     i.e. use a different prefix. 
>
>
>
>
>         Otherwise, I've a dot on my realm MY.LOCAL. but it was a
>         mistake when I create this mail. I've the same problem without
>         the dot. This dot was introduced because I've tried it using a
>         dot without success.  So if I've
>
>         /etc/krb5.conf
>         [libdefaults]
>                 default_realm = MY.LOCAL
>                 dns_lookup_realm = false
>                 dns_lookup_kdc = true
>
>
>         and then i run: kinit administrator at MY.LOCAL
>         I get: kinit: Cannot contact any KDC for realm 'MY.LOCAL'
>         while getting initial credentials
>
>
>     Is your 'TLD' actually '.local' and if so, try stopping avahi
>
>
> Yes, its my TLD. I will check by stopping avahi.Perhaps .LOCAL is a 
> bad TLD for samba as I've read right now.
>
>     Is Samba running at this stage ? if it isn't, then your KDC isn't
>     either.
>
>
>  Samba is running. These 2 commands also works:
> smbclient -L localhost -U%
> smbclient //localhost/netlogon -UAdministrator -c 'ls'
>
>
>
>     Rowland
>
>     -- 
>     To unsubscribe from this list go to the following URL and read the
>     instructions: https://lists.samba.org/mailman/options/samba
>
>
>
>
> -- 
> Lluís Danés

More information about the samba mailing list