thr3ads.net - samba - [Samba] Problem with keytab: "Client not found in Kerberos database" [Dec 2016]

If this information is useful, please help other people find it:
Share via:

L.P.H. van Belle

2016-Dec-19 20:34 UTC

[Samba] Problem with keytab: "Client not found in Kerberos database"

start with fixing the overlapping idmap config.
that wont help.

check again if host.fqdn a and ptr exists in the dns.
check resolv.conf 
make sure your primary domain is listed first.

you left and rejoined the domain, so you can try regenerateing your keytab file
also.

start with that


greetz

Louis

> Op 19 dec. 2016 om 21:04 heeft Brian Candler via samba <samba at
lists.samba.org> het volgende geschreven:
> 
> And FWIW, here's the LDAP entry for the computer which was generated 
> when it joined:
> 
> root at wrn-dc1:~# ldbsearch -H /usr/local/samba/private/sam.ldb 
> '(cn=wrn-radtest)'
> # record 1
> dn: CN=wrn-radtest,CN=Computers,DC=ad,DC=example,DC=net
> objectClass: top
> objectClass: person
> objectClass: organizationalPerson
> objectClass: user
> objectClass: computer
> cn: wrn-radtest
> instanceType: 4
> whenCreated: 20161219120818.0Z
> uSNCreated: 5055
> name: wrn-radtest
> objectGUID: db8fd9f5-4be3-4886-a459-71858010f4fa
> badPwdCount: 0
> codePage: 0
> countryCode: 0
> badPasswordTime: 0
> lastLogoff: 0
> primaryGroupID: 515
> objectSid: S-1-5-21-1073172920-2372885959-993370794-1109
> accountExpires: 9223372036854775807
> sAMAccountName: wrn-radtest$
> sAMAccountType: 805306369
> objectCategory:
CN=Computer,CN=Schema,CN=Configuration,DC=ad,DC=example,DC>  net
> isCriticalSystemObject: FALSE
> userAccountControl: 69632
> pwdLastSet: 131266228999887560
> dNSHostName: wrn-radtest.ad.example.net
> servicePrincipalName: HOST/WRN-RADTEST
> servicePrincipalName: HOST/wrn-radtest.ad.example.net
> logonCount: 1
> lastLogon: 131266508988047120
> lastLogonTimestamp: 131266508988047120
> whenChanged: 20161219195459.0Z
> uSNChanged: 7842
> distinguishedName: CN=wrn-radtest,CN=Computers,DC=ad,DC=example,DC=net
> 
> I did a "net ads leave" and "net ads join", but it
hasn't made a difference.
> 
> Regards,
> 
> Brian.
> 
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

Rowland Penny

2016-Dec-19 20:56 UTC

head link

[Samba] Problem with keytab: "Client not found in Kerberos database"

On Mon, 19 Dec 2016 21:34:08 +0100
"L.P.H. van Belle via samba" <samba at lists.samba.org> wrote:
> start with fixing the overlapping idmap config.
> that wont help.
> 
> check again if host.fqdn a and ptr exists in the dns.
> check resolv.conf 
> make sure your primary domain is listed first.
> 
> you left and rejoined the domain, so you can try regenerateing your
> keytab file also.
> 
> start with that
> 
> 
No, start by using the correct thing for '*':

 idmap config * : backend = tdb
 idmap config * : range = 1000000-9999999

Maybe Matching Threads

Search for more reasonably related threads

samba - Dec 2016 - Problem with keytab: "Client not found in Kerberos database"

[Samba] Problem with keytab: "Client not found in Kerberos database"

[Samba] Problem with keytab: "Client not found in Kerberos database"

Maybe Matching Threads