Hi; I would like to set the file /etc/krb5.keytab for apache : # net ads keytab add HTTP -U compte_admin_dom1 Processing principals to add... Enter administrateur's password: # ktutil ktutil: l slot KVNO Principal ---- ---- --------------------------------------------------------------------- ktutil:
The file is empty ? May be that this problem is linked to the command "net ads" ? because when I try to join the AD : # net ads join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Failed to join domain: failed to find DC for domain P9BIS.NEOPLUS.LAPOSTE.POC But with "rpc" it works : # net rpc join -U administrat...@p9bis.neoplus.laposte.poc Enter administrat...@p9bis.neoplus.laposte.poc's password: Joined domain P9BIS. When I execute : # net ads info - U administrateur Failed to get server's current time! LDAP server: 187.0.17.104 LDAP server name: CINVW067.p9bis.neoplus.laposte.poc Realm: P9BIS.NEOPLUS.LAPOSTE.POC Bind Path: dc=P9BIS,dc=NEOPLUS,dc=LAPOSTE,dc=POC LDAP port: 389 Server time: Thu, 01 Jan 1970 01:00:00 CET KDC server: 187.0.17.104 And # net rpc info -U administrateur Enter administrateur's password: Domain Name: P9BIS Domain SID: S-1-5-21-254703050-2859693384-3493432365 Sequence number: 1 Num users: 50 Num domain groups: 0 Num local groups: 12 The 2 commands # wbinfo -u and wbinfo -g no returns any values for users/groups ? The kinit works fine : # kinit administrat...@p9bis.neoplus.laposte.poc Password for administrat...@p9bis.neoplus.laposte.poc: # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrat...@p9bis.neoplus.laposte.poc Valid starting Expires Service principal 11/17/11 12:05:00 11/17/11 22:05:03 krbtgt/p9bis.neoplus.laposte....@p9bis.neoplus.laposte.poc renew until 11/18/11 12:05:00 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Impossible to join the AD serveur with "ads" : # net ads testjoin Join to domain is not valid: Operations error # net rpc testjoin Join to 'P9BIS' is OK How make work correctly the "ads" and how get the list of users of the AD domain ? Any help would be very appreciated. Regards --- En date de : Mer 16.11.11, djamel boussebha <dbousse...@yahoo.fr> a écrit : De: djamel boussebha <dbousse...@yahoo.fr> Objet: Problem with Winbind À: "samba@lists.samba.org" <samba@lists.samba.org>, "foedi...@eva.mpg.de" <foedi...@eva.mpg.de>, "AndrewPhilipoff" <aphilip...@medicine.ucsf.edu> Date: Mercredi 16 novembre 2011, 17h24 Hi; wbinfo can not get the user names and group names of my AD domain (Windows 2008 SP2) The result for "wbinfo -t" is ok : "checking the trust secret for domain P9BIS via RPC calls succeeded" But when i try to get wbinfo -n "USER1" or wbinfo -r "USER1" it shows this error message: "Could not lookup name USER1" I use Samba version : 3.5.12. Any help would be very appreciated... thanks to anyone! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba