Hi there
I'm built samba-3.0.0-2 from the src rpm on a redhat 7.1 system.
I had to make sure a few ldap and kerberos devel rpms were installed, but I
managed to build and install it eventually.
I added:
--with-ads \
--with-krb5=/usr/kerberos \
--with-ldap
to the SPEC file for the package.
I followed mainly whats in here:
http://www.opensource.apple.com/darwinsource/7.0b1/samba/samba/docs/htmldocs
/ads.html
and succeeded, briefly, in getting it all working (I think) for about 20
minutes.
unfortunately I had to power off the machine as I lost control of it (don't
ask), got the machine back up and running,
and I now dont seem to be able to get it to use ADS authentication.
I'm now a bit confused in order what things are supposed to happen.
Is winbindd dependent on a working krb5.conf ?
How to I determine what bit isn't working ?
kinit -U user@REALM appears to challenge me for the right password, and work
I appear to be able to net ads join and net ads leave ok.
if I run winbindd with -i and -vv I get:
got principal=pdc$@REALM
Doing kerberos session setup
signing_good: SMB signature check failed on seq 1!
SMB Signature verification failed on incoming packet!
failed kerberos session setup with NT_STATUS_OK
failed anonymous session setup with NT_STATUS_OK
Every 10 minutes or so.
kadmin also doesn't seem to work - I get:
]# kadmin
Authenticating as principal Username/user@REALM with password.
kadmin: Client not found in Kerberos database while initializing kadmin
interface.
my machine didn't have a /var/kerberos/krb5kdc/kdc.conf file - do I create
one by hand or is there a tool to help generate one ??
Can anyone help me with some diagnostic tips ?
Gavin Davenport
