Hi Folks I have winbind showing all users and groups from my windows 2k3 AD, net ads join worked fine, set up a test share, changed the owner to be something from the AD through winbind and the group to 10000 (Domain Users) even chmodded 777 to make sure permissions werent a problem, but I keep getting
[2003/11/24 16:52:56, 2] smbd/sesssetup.c:setup_new_vc_session(535) setup_new_vc_session: New VC == 0, if NT4.x compatible we would close all old resources. [2003/11/24 16:52:56, 1] smbd/sesssetup.c:reply_spnego_kerberos(172) Failed to verify incoming ticket! [2003/11/24 16:52:56, 2] smbd/server.c:exit_server(558) Closing connections In the logs, I have to assume this is part of the problem, also if the kinit times out I get nothing and have to reauthenticate, I currently have my pop and imap services authenticating against the AD, but I had to do a lot of buggering about on the w2k3 box with ktpass and such to get it working, so I know that it is possible to authenticate via kerberos against a w2k3AD, with preauthentication turned off. Do I need to change the passdb backend to LDAP? (as well as finding out what problem lies in the kerberos). smb.conf [global] workgroup = <AREALM> realm = <AREALM.COM> security = ADS password server = 192.168.0.42 encrypt passwords = yes log level = 2 idmap uid = 10000-20000 idmap gid = 10000-20000 template shell = /bin/bash winbind separator = + winbind use default domain = Yes client use spnego = yes [export] comment = Test Share path = /export/test admin users = Administrator read list = <AUSER> write list = <AUSER> read only = No create mask = 0700 directory mask = 0700 [EMAIL PROTECTED] export]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: Administrator@<AREALM.COM> Valid starting Expires Service principal 11/24/03 16:30:14 11/25/03 02:28:48 krbtgt/<AREALM.COM>@<AREALM.COM> Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Any help greatfully accepted, Rgds Alex Needham Stealth IT Bloke, Intersystems -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba