[Samba] kinit succeeded but ads_sasl_spnego_krb5_bind failed
Rowland penny
rpenny at samba.org
Sat Apr 9 10:40:50 UTC 2016
On 09/04/16 11:30, Lists wrote:
> Ok I am sorry was a test I send you again the smb.conf
>
> # Global parameters
> [global]
> netbios name = SOLFS
> security = ADS
> workgroup = SOLAE
> realm = SOLAE.LOCAL
>
> log file = /var/log/samba/%m.log
> log level = 1
>
> dedicated keytab file = /etc/krb5.keytab
> kerberos method = secrets and keytab
> winbind refresh tickets = yes
>
> winbind trusted domains only = no
> winbind use default domain = yes
> winbind enum users = yes
> winbind enum groups = yes
>
> # Important: The ranges of the default (*) idmap config
> # and the domain(s) must not overlap!
>
> # Default idmap config used for BUILTIN and local accounts/groups
> idmap config *:backend = tdb
> idmap config *:range = 2000-9999
>
> # idmap config for domain SOLAE
> idmap config SOLAE:backend = rid
> idmap config SOLAE:range = 10000-99999
>
> # Use template settings for login shell and home directory
> winbind nss info = template
> template shell = /sbin/bash
> template homedir = /home/%U
> #[profiles]
> # path = /var/lib/samba/profiles
> # read only = no
>
> #[Public]
> # path = /home/Public
> # read only = no
>
> #[Application]
> # path = /home/Application
> # read only = no
>
>
>
>
Set /etc/resolv.conf on the machine you are trying to join to:
search solae.local
nameserver 10.0.0.22
Set /etc/hosts to:
10.0.0.25 solfs solfs.solae.local
127.0.0.1 localhost localhost.localdomain localhost4
localhost4.localdomain4
::1 localhost localhost.localdomain localhost6
localhost6.localdomain6
Now try a few tests:
ping -c1 10.0.0.25
ping -c1 10.0.0.22
ping -c1 solad
ping -c1 solad.solae.local
If all these tests pass, try the join again
Rowland
More information about the samba
mailing list