[Samba] kinit: Cannot contact any KDC for realm 'MY.LOCAL.' while getting initial credentials
Lluís Danés
lluisdanes at gmail.com
Tue Sep 15 12:30:04 UTC 2015
Solved! It was related to .local TLD. (perhaps avahi (I have an
avahi-daemon running)... I don't know since I have never used it and I
don't know what is)
Since I've replaced by a new one (ad.example.com using EXAMPLE NetBIOS
domain) all works again and kinit administrator at AD.EXAMPLE.COM works again.
Thanks
2015-09-15 12:21 GMT+02:00 Rowland Penny <rowlandpenny241155 at gmail.com>:
> On 15/09/15 10:59, Lluís Danés wrote:
>
>>
>> 2015-09-15 11:39 GMT+02:00 Rowland Penny <rowlandpenny241155 at gmail.com
>> <mailto:rowlandpenny241155 at gmail.com>>:
>>
>> On 15/09/15 09:40, Lluís Danés wrote:
>>
>> Well, I downloaded it manually without using git. I've
>> compiled it with the "--with-acl-support" because I thought it
>> was not included as default (I remember that I read it from
>> the wiki that it was said to build samba by yourself if you
>> want to use windows ACL's).
>>
>>
>> Can you remember just where on the wiki it said that ?
>> You can use distro packages (well except red-hat packages and only
>> then if you want to setup a DC) or the packages from Sernet.
>>
>>
>> I read this wiki
>> https://wiki.samba.org/index.php/Shares_with_Windows_ACLs This line:
>> "To use the advanced features of Samba, it has to be compiled with ACL
>> support (e. g. RHEL requires the libacl-devel to be installed, when
>> compiling)." confused me.
>>
>
> Would you have understood this better:
>
> To use the advanced features of Samba, it needs to have been compiled with
> ACL support. As far as is known, all available Samba 4 packages are
> compiled in this way. Unfortunately there are no Samba 4 RHEL AD DC distro
> packages available at this time, so if you require to install an AD DC on a
> RHEL based system you will need to compile Samba4 yourself, or use the
> Sernet packages. If you do compile Samba 4, you will need to install the
> relevant libacl development package for your distro (e.g. RHEL requires the
> libacl-devel package to be installed).
>
> Rowland
>
>
>
>>
>> How can I see the default options before run ./configure?
>>
>>
>> ./configure --help
>>
>> You usually don't have to add anything, unless you need to specify
>> something that isn't a default or is different from the default
>> i.e. use a different prefix.
>>
>>
>>
>> Otherwise, I've a dot on my realm MY.LOCAL. but it was a
>> mistake when I create this mail. I've the same problem without
>> the dot. This dot was introduced because I've tried it using a
>> dot without success. So if I've
>>
>> /etc/krb5.conf
>> [libdefaults]
>> default_realm = MY.LOCAL
>> dns_lookup_realm = false
>> dns_lookup_kdc = true
>>
>>
>> and then i run: kinit administrator at MY.LOCAL
>> I get: kinit: Cannot contact any KDC for realm 'MY.LOCAL'
>> while getting initial credentials
>>
>>
>> Is your 'TLD' actually '.local' and if so, try stopping avahi
>>
>>
>> Yes, its my TLD. I will check by stopping avahi.Perhaps .LOCAL is a bad
>> TLD for samba as I've read right now.
>>
>> Is Samba running at this stage ? if it isn't, then your KDC isn't
>> either.
>>
>>
>> Samba is running. These 2 commands also works:
>> smbclient -L localhost -U%
>> smbclient //localhost/netlogon -UAdministrator -c 'ls'
>>
>>
>>
>> Rowland
>>
>> -- To unsubscribe from this list go to the following URL and read
>> the
>> instructions: https://lists.samba.org/mailman/options/samba
>>
>>
>>
>>
>> --
>> Lluís Danés
>>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
>
--
Lluís Danés
More information about the samba
mailing list