On Fri, May 27, 2011 at 04:56:25PM -0400, Mauricio Tavares wrote: > Ok, I understand if I only have kerberos and windows, if I login as a > kerberos user, I better have a local user mapped to it or I will not > be able to login. But, now I have samba involved. If I tell it about > kerberos server, > > workgroup = LAZYASS > realm = MY.REALM > security = ads > kerberos method = system keytab > > shouldn't it see there is local (to samba's server) user bob, > principal [email protected], and then mount bob's homedir if I try to login > as bob? Or am I missing an important step? I did join the xp box to > LAZYASS and can see there the fileserver's home fileshare (the only > thing I am exporting). But that is as far as I get. > > The exact error message I am getting is > > "The system cannot log you on due to the following error: > > Mapping between account names and security IDs was done." > > It almost sounds like it is completely ignoring the samba side of the show.
Do you have winbindd running ? You need this to generate the local UNIX userid's that Samba will use to represent Windows users. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
