I experienced this problem on a Red Hat Enterprise Linux 5.1 system when running Samba 3.0.25b-1.el5_1.4, the RHEL supplied version of Samba. Previously I was able to join this same system to our AD domain when it was running RHEL 5/Samba 3.0.23c-2.el5.2.0.2. After this system was upgraded to RHEL 5.1/Samba 3.0.25b-1.el5_1.4 I was not able re-join this system to our AD domain.
I ended up downgrading to the /usr/bin/net binary to one from Samba 3.0.23c-2.el5.2.0.2, the previous RHEL supplied version. I did that by downloading samba-common-3.0.23c-2.el5.2.0.2.i386.rpm from Red Hat and extracting /usr/bin/net from the rpm by running: "rpm2cpio samba-common-3.0.23c-2.el5.2.0.2.i386.rpm | cpio -iv --make-directories ./usr/bin/net" That extracted the 3.0.23c-2.el5.2.0.2 version of /usr/bin/net into my cwd. Then I ran "mv /usr/bin/net /usr/bin/net.bak" to backup the 3.0.25b-1.el5_1.4 version and then copied the older /usr/bin/net binary that I extracted from the rpm to /usr/bin. Once I did that, I was able to rejoin this system to our domain. Andrew Philipoff Programmer Analyst Information Technology Services Department of Medicine University of California, San Francisco Phone: 415-476-1344 Help Desk: 415-476-6827 http://domsupport.ucsf.edu/ -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Francis Lee Mondia Sent: Monday, March 17, 2008 5:38 PM To: [email protected] Subject: [Samba] kinit succeeded but ads_sasl_spnego_krb5_bind failed Hi all, I'm having trouble joining samba to active directory. My samba version is 3.0.28a-35 and krb is 1.6.1-17.el5. It's running on centos 5, kernel version 2.6.18-53.1.14.el5. It's running on vmware server by the way if that is of any significance. The specific error that I get are as follows: when testjoining the domain: [2008/03/18 04:34:07, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password [EMAIL PROTECTED] failed: Preauthentication failed Join to domain is not valid: Logon failure <DOMAIN.COM> is a valid domain, on a windows 2003 r2 server. It's already added to the hosts file as well as configured as the DNS server. hostname of this host can also be resovled. This is strange, considering I can get the ticket using kinit. I know some people have posted about this before, but it was on a previous samba version. I don't know if it is with samba versions, but i also upgraded from 3.0.25b, since i found somewhere in this post that it's a buggy version. On last thing, I also got the same problem on a Centos 4.4 installation, also with installed 3.0.28a-35. Any help will be highly appreciated. I'm willing to give you all the required configuration files if you need it. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
