[Samba] AD integration not working after move/version
Rowland Penny
rpenny at samba.org
Sat Mar 18 18:00:38 UTC 2017
On Sat, 18 Mar 2017 17:49:31 +0100
Henrik Johansson <henrikj at henkis.net> wrote:
> Hi Rowland and thanks for your reply,
>
>
> Short summary; this is on a old Solaris 10 system, the virtual host
> is a Solaris zone, or two instance of the zone on two hosts for
> failover. The config is years old and I had no part in this, but we
> needed to upgrade Solaris Oracle has only managed to release 3.5.8 or
> something close to that as patches. I could of course compile my own
> version or something but Samba was not the scope for this operation,
> it just stopped working which is a huge problem, and it can be
> because we needed to switch to the other zone or because the config
> did not work with this slightly newer version.
>
OK, I wonder if you are running into the result of the badlock patches ?
>
> kinit succeeded but ads_sasl_spnego_krb5_bind failed: Server not
> found in Kerberos database Failed to join domain: failed to connect
> to AD: Server not found in Kerberos database
What is the DC ?
What have you got in /etc/krb5.conf (or wherever it is)
Does /etc/resolv.conf use the DC as the first nameserver
>
> I am under the impression that it’s kerberos.
>
Samba uses winbind to talk to AD, so your first step will probably need
to be, adding the idmap config lines as suggested by Marc.
Rowland
More information about the samba
mailing list