On Fri, May 27, 2011 at 6:28 PM, Jeremy Allison <[email protected]> wrote: > On Fri, May 27, 2011 at 04:56:25PM -0400, Mauricio Tavares wrote: >> Ok, I understand if I only have kerberos and windows, if I login as a >> kerberos user, I better have a local user mapped to it or I will not >> be able to login. But, now I have samba involved. If I tell it about >> kerberos server, >> >> workgroup = LAZYASS >> realm = MY.REALM >> security = ads >> kerberos method = system keytab >> >> shouldn't it see there is local (to samba's server) user bob, >> principal [email protected], and then mount bob's homedir if I try to login >> as bob? Or am I missing an important step? I did join the xp box to >> LAZYASS and can see there the fileserver's home fileshare (the only >> thing I am exporting). But that is as far as I get. >> >> The exact error message I am getting is >> >> "The system cannot log you on due to the following error: >> >> Mapping between account names and security IDs was done." >> >> It almost sounds like it is completely ignoring the samba side of the show. > > Do you have winbindd running ? You need this to generate > the local UNIX userid's that Samba will use to represent > Windows users. > I dont seem to have it up and running:
[2011/05/31 16:13:04, 0] winbindd/winbindd_cache.c:2578(initialize_winbindd_cache) initialize_winbindd_cache: clearing cache and re-creating with version number 1 [2011/05/31 16:13:04, 0] winbindd/winbindd_util.c:782(init_domain_list) Could not fetch our SID - did we join? [2011/05/31 16:13:04, 0] winbindd/winbindd.c:1399(main) unable to initialize domain list How can't it join the domain if it is the PDC? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
