I'm in the process of opening a case with Sun support as well, but thought I'd post here to see if I get a quicker / different response.
I'm running SaMBa 3.025 - bundled in Solaris 10 U4 in a container. The container has a primary dns name as well as 2 aliases. I configure the /etc/krb5/krb5.conf file and test via the kinit command. The test is successful. I configure the /etc/sfw/smb.conf file and test using the net ads join -U adminuser command. The test is successful as the box joins the active directory structure. I then attempt to map to a home directory share, and get prompted for credentials. The log file in /var/samba/log is named after the PC client's IP address. It continuously spews the following message over and over again. [2007/09/18 11:28:56, 1] smbd/sesssetup.c:(316) Failed to verify incoming ticket with error NT_STATUS_LOGON_FAILURE! However, if I attempt to access the home directory share using one of the aliases or the IP address of the container, the explorer window with the mapped directory opens up immediately, showing the home directory contents, and the mapped share is writeable as expected. The samba service opens the log file named after the client PC's IP address, but doesn't put anything in it. It then opens up a log file named after the client PC's netbios name, and writes a successful connection message. [2007/09/17 20:42:06, 1] smbd/service.c:(1033) pcnbname (ip.ad.dre.ss) connect to service homedir initially as user aduserid (uid=4321, gid=4321) (pid 11592) The only time we can't access the shares is when we use the primary DNS name of the container, which was used to register the samba server in the active directory structure. I've replicated this issue on multiple servers, including a Sun-Fire 280R, a Netra T1 AC 200, and the new T2000 servers. Am I missing something simple? Or is there a bug with the netbios name and shared IP infrastructure? Our intent is to have multiple containers in the same IP subnet, hosting multiple samba services. I've gotten around this issue by making the primary name one of the aliases that wouldn't normally be used for the box, and setting the primary as an alias within the /etc/hosts file. This message posted from opensolaris.org _______________________________________________ zones-discuss mailing list email@example.com