[Samba] Can't join Linux host to AD - "Improper format of Kerberos configuration file"
rpenny at samba.org
Tue Jun 11 17:48:46 UTC 2019
On 11/06/2019 14:05, Andreas Habel via samba wrote:
> security = ADS
> workgroup = IERLAB
> realm = IERLAB.UX.UIS.NO
> log file = /var/log/samba/%m.log
> log level = 1
> # Default ID mapping configuration for local BUILTIN accounts
> # and groups on a domain member. The default (*) domain:
> # - must not overlap with any domain ID mapping configuration!
> # - must use a read-write-enabled back end, such as tdb.
> idmap config * : backend = tdb
> idmap config * : range = 3000-7999
> # - You must set a DOMAIN backend configuration
> # idmap config for the IERLAB domain
> idmap config IERLAB:backend = ad
> idmap config IERLAB:schema_mode = rfc2307
> idmap config IERLAB:range = 10000-999999
> idmap config IERLAB:unix_nss_info = yes
> vfs objects = acl_xattr
> map acl inherit = yes
> store dos attributes = yes
> # Template settings for login shell and home directory
> template shell = /bin/bash
> template homedir = /home/%U
Nothing wrong there either.
All I can suggest is that you delete the contents of /etc/krb5.conf and
retype them again, check that your dns domain is ierlab.ux.uis.no ,
check that the first nameserver in /etc/resolv.conf points to an AD DC,
check that 'hostname -s', 'hostname -f' produces the expected results.
More information about the samba