Can anyone suggest how to get around the following?
[2009/09/05 00:32:55, 3] libads/sasl.c:ads_sasl_spnego_bind(300) ads_sasl_spnego_bind: got server principal name = [email protected] [2009/09/05 00:32:55, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2009/09/05 00:32:56, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password [email protected] failed: Preauthentication failed This is what my samba RPMs are # rpm -qa | grep -i samb samba-client-3.0.33-3.7.el5 system-config-samba-1.2.41-3.el5 samba-common-3.0.33-3.7.el5 samba-3.0.33-3.7.el5 # uname -a Linux samserv1.domain.example.com 2.6.18-128.el5PAE #1 SMP Wed Dec 17 12:02:33 EST 2008 i686 i686 i386 GNU/Linux # cat /etc/redhat-release Red Hat Enterprise Linux Server release 5.3 (Tikanga) The smb.conf file uses Security = ads Use Kerberos keytab = true AD logins from Linux work just fine (ruling out the obvious such as time synchronization etc.), 'net ads info' and 'net ads status' show relevant information. The Kerberos keytab was generated with net ads keytab create. Information from net ads status (partial) sAMAccountName: SAMSERV1$ sAMAccountType: 805306369 dNSHostName: samserv1.domain.example.com userPrincipalName: host/[email protected] objectCategory: CN=Computer,CN=Schema,CN=Configuration,DC=domain,DC=example,DC=com Regards, Ravi K. Channavajhala ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
