RedHat AS 2.1 kernel 2.4.9-e.16 with kbr5-1.2.7
I've been playing with ADS features of samba-3.0alpha21 and am having problems getting winbind to work. I can join the domain: [EMAIL PROTECTED] etc]# net ads join Joined 'ASECL' to realm 'ASE-LRC-AD.AE.UTEXAS.EDU' After joining the domain, I can use the other 'net ads' options of user, group, status and info. Can also use the smbclient with the -k option to browse shares on the AD server. When starting winbind, I get the following error which just keeps repeating every 10 seconds. [EMAIL PROTECTED] samba]# tail -f log.winbindd winbindd version 3.0alpha21 started. Copyright The Samba Team 2000-2001 [2003/03/27 10:39:08, 1] nsswitch/winbindd_util.c:add_trusted_domain(138) Added domain ASE-LRC-AD [2003/03/27 10:39:08, 1] libsmb/clikrb5.c:krb5_mk_req2(55) krb5_cc_get_principal failed (No credentials cache found) [2003/03/27 10:39:08, 0] libads/kerberos.c:ads_kinit_password(132) kerberos_kinit_password HOST/[EMAIL PROTECTED] failed: Client not found in Kerberos database [2003/03/27 10:39:08, 1] nsswitch/winbindd_ads.c:ads_cached_connection(71) ads_connect for domain ASE-LRC-AD failed: Invalid credentials [2003/03/27 10:39:18, 1] nsswitch/winbindd_util.c:init_domain_list(219) Retrying startup domain sid fetch for ASE-LRC-AD [2003/03/27 10:39:18, 1] libsmb/clikrb5.c:krb5_mk_req2(55) krb5_cc_get_principal failed (No credentials cache found) I checked the cached Kerberos tickets using klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [EMAIL PROTECTED] Valid starting Expires Service principal 03/27/03 10:54:13 03/27/03 20:54:13 krbtgt/[EMAIL PROTECTED] 03/27/03 10:54:28 03/27/03 20:54:13 [EMAIL PROTECTED] 03/27/03 10:54:28 03/27/03 20:54:13 kadmin/[EMAIL PROTECTED] Trying samba-3.0alpha22, winbind keeps repeating the following message [2003/03/18 10:34:33, 1] nsswitch/winbindd.c:main(898) winbindd version 3.0alpha22 started. Copyright The Samba Team 2000-2001 [2003/03/18 10:34:33, 1] nsswitch/winbindd_util.c:rescan_trusted_domains(168) scanning trusted domain list [2003/03/18 10:39:33, 1] nsswitch/winbindd_util.c:rescan_trusted_domains(168) scanning trusted domain list Trying the latest 3.0 CVC, winbind gives accepted socket 11 client_read: read 1312 bytes. Need 0 more for a full request. process_loop: Invalid request size from pid 6340: 1564 bytes sent, should be 1312 my smb.conf: [global] # Active Directory stuff realm = ASE-LRC-AD.AE.UTEXAS.EDU security = ADS encrypt passwords = yes ads server = 146.6.104.15 password server = 146.6.104.15 wins server = 146.6.104.15 # winbind stuff winbind separator = + winbind cache time = 10 template shell = /bin/bash template homedir = /home/%D/%U winbind uid = 10000-20000 winbind gid = 10000-20000 I found a couple of messages in the mailing list archives from people having similar problems, but did not find any follow-ups with possible solutions. thanks scott -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
