Dominik Brosch
2003-Oct-21 15:39 UTC
[Samba] krb5_cc_get_principal failed (No such file or directory)
Hello, I am using the brand new SuSE 9.0 with Samba 3.0.0. I installed: Heimdal kerberos development libraries 0.6-67, Openldap development libraries 2.2.22-65, which are shipped with the distribution. If I running "kinit administrator@NWTRADERS.COM" I am getting a ticket. But if I try to run "net ads join -U administrator@NWTRADERS.COM" I am getting following messages: 2003/10/21 17:22:18, 3] libads/sasl.c:ads_sasl_spnego_bind(191) got principal=dcserver$@NWTRADERS.COM [2003/10/21 17:22:18, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) krb5_cc_get_principal failed (No such file or directory) [2003/10/21 17:22:34, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) krb5_get_credentials failed for dcserver$@NWTRADERS.COM (Unknown error -1765328343) [2003/10/21 17:22:34, 1] utils/net_ads.c:ads_startup(181) ads_connect: Operations error [2003/10/21 17:22:34, 2] utils/net.c:main(758) return code = -1 It seems to me, that something is missing. But I don't no why. At several places, I read, that heimdal is not the first choice, and I should prefer MIT Kerberos.I the Samba-Documentation I read that it should be no problem to use Heimdal. So, how can I fix the error? Any help will be appreciated. Regards Dominik
Dominik Brosch
2003-Oct-22 13:34 UTC
[Samba] Re: krb5_cc_get_principal failed (No such file or directory)
Hi, I didn't get an answer from the group, so I was fighting alone. I uninstall Heimdal and install the most recent MIT Kerberos package. After I complied Samba again, the error seems to be gone...now waiting for the next one ;-> Regards Dominik "Dominik Brosch" <samba.10.brosch@spamgourmet.com> schrieb im Newsbeitrag news:bn3jve$h1q$1@sea.gmane.org...> Hello, > > I am using the brand new SuSE 9.0 with Samba 3.0.0. > I installed: > Heimdal kerberos development libraries 0.6-67, > Openldap development libraries 2.2.22-65, > which are shipped with the distribution. > > If I running "kinit administrator@NWTRADERS.COM" I am getting a ticket. > But if I try to run "net ads join -U administrator@NWTRADERS.COM" I am > getting following messages: > > 2003/10/21 17:22:18, 3] libads/sasl.c:ads_sasl_spnego_bind(191) got > principal=dcserver$@NWTRADERS.COM > [2003/10/21 17:22:18, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269) > krb5_cc_get_principal failed (No such file or directory) > [2003/10/21 17:22:34, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276) > krb5_get_credentials failed for dcserver$@NWTRADERS.COM (Unknown > error -1765328343) > [2003/10/21 17:22:34, 1] utils/net_ads.c:ads_startup(181) ads_connect: > Operations error > [2003/10/21 17:22:34, 2] utils/net.c:main(758) return code = -1 > > > It seems to me, that something is missing. But I don't no why. > At several places, I read, that heimdal is not the first choice, and I > should prefer MIT Kerberos.I the Samba-Documentation I read that it should > be no problem to use Heimdal. > > So, how can I fix the error? > > Any help will be appreciated. > > Regards > > Dominik > > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: http://lists.samba.org/mailman/listinfo/samba >
Heidenreich, Andreas
2003-Nov-04 10:23 UTC
[Samba] krb5_cc_get_principal failed (No such file or directory)
I am using Suse SLES8 and samba 3.0.0
I would like to add the samba server in the w2k ADS Domain.
/etc/krb5.conf
[libdefaults]
default_realm = HAUNI.KOERBER.DE
default_etypes = des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5
[realms]
HAUNI.KOERBER.DE = {
kdc = kns076.hauni.koerber.de kns075.hauni.koerber.de
}
[logging]
kdc = FILE:/var/log/heimdal/kdc.log
kdc = SYSLOG:INFO
default = SYSLOG:INFO:USER
/etc/samba/smb.conf
# smb.conf is the main samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.UnitedLinux
# Date: 2003-04-07
[global]
#workgroup = HAUNI
log level = 2
log file = /var/log/samba/samba-log.%m
printing = CUPS
printcap name = CUPS
socket options = SO_KEEPALIVE IPTOS_LOWDELAY TCP_NODELAY
wins server = 149.242.14.10 149.242.14.100 149.242.14.101
server string = Test Print Server
comment = Test Print Server
netbios name = kls037
max log size = 1000
local master = no
name resolve order = wins host
#ADS
realm = hauni.koerber.de
security = ADS
encrypt passwords = Yes
password server = kns076 kns075 kns074 kns073
[printers]
comment = All Printers
path = /data/spool
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /data/drivers
write list = heidenreich @printadmin
create mask = 0664
directory mask = 0775
The net ads join -U Adminuser does return 255 and no message !
[2003/11/03 10:51:44, 4] libsmb/namequery.c:get_dc_list(1351)
get_dc_list: 149.242.14.105:389 149.242.14.104:389 149.242.14.103:389
149.242.14.102:389
[2003/11/03 10:51:44, 5] libads/ldap.c:ads_try_connect(56)
ads_try_connect: trying ldap server '149.242.14.105' port 389
[2003/11/03 10:51:44, 3] libads/ldap.c:ads_connect(218)
Connected to LDAP server 149.242.14.105
[2003/11/03 10:51:44, 3] libads/ldap.c:ads_server_info(1886)
got ldap server name kns076@HAUNI.KOERBER.DE, using bind path:
dc=HAUNI,dc=KOERBER,dc=DE
[2003/11/03 10:51:44, 4] libads/ldap.c:ads_server_info(1892)
time offset is 0 seconds
[2003/11/03 10:51:44, 4] libads/sasl.c:ads_sasl_bind(416)
Found SASL mechanism GSS-SPNEGO
[2003/11/03 10:51:44, 3] libads/sasl.c:ads_sasl_spnego_bind(184)
got OID=1 2 840 48018 1 2 2
[2003/11/03 10:51:44, 3] libads/sasl.c:ads_sasl_spnego_bind(184)
got OID=1 2 840 113554 1 2 2
[2003/11/03 10:51:44, 3] libads/sasl.c:ads_sasl_spnego_bind(184)
got OID=1 2 840 113554 1 2 2 3
[2003/11/03 10:51:44, 3] libads/sasl.c:ads_sasl_spnego_bind(184)
got OID=1 3 6 1 4 1 311 2 2 10
[2003/11/03 10:51:44, 3] libads/sasl.c:ads_sasl_spnego_bind(191)
got principal=kns076$@HAUNI.KOERBER.DE
[2003/11/03 10:51:44, 1] libsmb/clikrb5.c:ads_krb5_mk_req(269)
krb5_cc_get_principal failed (No such file or directory)
[2003/11/03 10:51:44, 1] libsmb/clikrb5.c:ads_krb5_mk_req(276)
krb5_get_credentials failed for kns076$@HAUNI.KOERBER.DE (Unknown error
2529638964)
[2003/11/03 10:51:44, 1] utils/net_ads.c:ads_startup(181)
ads_connect: Operations error
[2003/11/03 10:51:44, 2] utils/net.c:main(758)
return code = -1
Apparently Analagous Threads
- Samba 3.0 and ADS How to
- Problems with UsePrivilegeSeparation (was: port fwd as user != root?
- following a packet from sendto() to wire (and reverse)
- Failed to join domain: failed to join domain 'XXX.YYY' over rpc: Access denied
- Strong(er) authentication required when joining Active Directory (Samba 3.0.28)