On Wed, 2012-10-31 at 19:51 +0000, Bethel, Zach wrote: > I have a Samba DC connected to two Windows 2008 R2 DC's. On the Samba > machine, if I run `ldbsearch -H ldaps://*SAMBA-DC-IP* -U administrator` > > It asks for my password and then works great. I can use any domain user and > this works. However, if I instead run: > > `ldbsearch -H ldaps://10.120.160.12 -k1 --krb5-ccache=/tmp/krb5cc_0` > > I get this: > > Failed to bind - LDAP client internal error: NT_STATUS_INVALID_PARAMETER > Failed to connect to '...' with backend 'ldaps': (null) > Failed to connect to ... - (null) > > This happens regardless of whether or not the ticket exists at /tmp/krb5cc_0 > (I can run kinit to create it and kdestroy to remove it). It's not the most > useful error message...and strace isn't turning up anything interesting. > > Any ideas?
Kerberos requires a name for the target (all entries in the KDC are indexed by name), so we fail if presented with an IP address. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
