I 'm trying to figure out why my samba box can 't get any information about trusted w2k ad domains. The linux samba server is a domain member of a w2k domain. Everything is fine with this domain, but I can 't get sequence numbers, nor users, nor groups from others domains in the active directory.
The main error seems to be "Server not found in kerberos database" when it tries to connect to others domain controllers. As an example, for one of this domains, winbind.log shows this: [2005/07/04 12:18:26, 10] nsswitch/winbindd_util.c:add_trusted_domains(221) Found domain SIDOR [2005/07/04 12:18:26, 10] nsswitch/winbindd_cache.c:domain_sid(1407) domain_sid: [Cached] - doing backend query for info for domain SIDOR [2005/07/04 12:18:26, 3] nsswitch/winbindd_ads.c:domain_sid(900) ads: domain_sid [2005/07/04 12:18:26, 3] libads/ldap.c:ads_connect(285) Connected to LDAP server 10.50.180.51 [2005/07/04 12:18:26, 3] libads/ldap.c:ads_server_info(2469) got ldap server name [EMAIL PROTECTED], using bind path: dc=SIDOR,dc=TECHINT,dc=NET [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(204) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2005/07/04 12:18:27, 3] libads/sasl.c:ads_sasl_spnego_bind(211) ads_sasl_spnego_bind: got server principal name [EMAIL PROTECTED] [2005/07/04 12:18:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(389) ads_krb5_mk_req: krb5_get_credentials failed for [EMAIL PROTECTED] (Server not found in Kerberos database) [2005/07/04 12:18:27, 1] libsmb/clikrb5.c:ads_krb5_mk_req(389) ads_krb5_mk_req: krb5_get_credentials failed for [EMAIL PROTECTED] (Server not found in Kerberos database) [2005/07/04 12:18:27, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81) ads_connect for domain SIDOR failed: Server not found in Kerberos database This is samba 3.0.14a, mit kerberos 1.3.6. The log shows it 's trying to connect with [EMAIL PROTECTED] But if I try manually: kinit [EMAIL PROTECTED] it gives "client not found in kerberos database". It does work if I don 't put the dollar sign (ie. [EMAIL PROTECTED]). Can anyone give a clue how to solve this or what test i can do ? Thanks, Martin -------------------------------------------------------------------- mail2web - Check your email from the web at http://mail2web.com/ . -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
