Hi All, The latest Debian unstable release of samba 3.0.1-1 appears to be fail in storing the machine account password when joining a 2000 AD domain. kinit [EMAIL PROTECTED] works fine, as does net ads join suggesting the issue is not related kerberos misconfiguration.
klist indicates no cached tickets, until kinit is used. and winbindd.log shows the following entries when winbindd starts. libsmb/clikrb5.c:ads_krb5_mk_req(269) krb5_cc_get_principal failed (No credentials cache found) libads/kerberos.c:ads_kinit_password(133) kerberos_kinit_password HOST/[EMAIL PROTECTED] failed: Client not found in Kerberos database We can see from the logs that the winbindd is attempting to initiate the connection to the domain using kerberos ticket associated with the machine account, but it isn't there. The file secrets.tdb doesn't exist, neither does smbpasswd for that matter (not that it is specifically needed). The process of storing the machine account details was automated in the last version prior to this current relase. It is apparently broken. All attempts to access shares fail with smbd/sesssetup.c:reply_spnego_kerberos(172) Failed to verify incoming ticket! Am I missing something?? Cheers, Lewis -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
