[Samba] [samba] ldapsearch & GSSAPI => Server not found in Kerberos database
mathias dufresne
infractory at gmail.com
Tue Jun 7 13:29:46 UTC 2016
Hi all,
I've got on AD DC using Samba 4.4.3 on Centos7 which accept Kerberos
connections (kinit is working), which accept ldapsearch with credentials
but which refuse ldapsearch with GSSAPI.
The issue does not seem to be coming from the client as I discovered this
issue writing a script to test all 22 DC, and all 21 others DC are working
well from that client.
The error:
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error:
Unspecified GSS failure. Minor code may provide more information (Server
not found in Kerberos database)
I did reinstall the whole server ('cause I'm lazy, hoping the issue
disappear by itself) but the issue was the same, i did reinstall it again
(a script do that, I'm really lazy) but after demoting it from FSMO owner
with --remove-other-dead-server, same issue.
All DCs have same configuration file, as it'sa script which manage
installation I expect they are all identical and so I'm totally puzzled
facing this issue. If anyone has some idea, some leads, I take it : )
More information about the samba
mailing list