Hi folks (again)... I have Samba 3 installed (compiled from source) with Kerberos 5v1.3.1 also installed (from source). My problem is that none of the domain users can use any resources from the Samba server. The Samba server is (trying to be) in Domain mode (security = ads). The Samba server has been joined to the domain and shows up nicely in AD Users and Computers (on the Windows 2000 Advanced Server that is my AD domain controller). Here is the kerberos utils output from the Samba server... root@raid:~# kinit Password for administrator@RONGAGE.ORG: root@raid:~# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator@RONGAGE.ORG Valid starting Expires Service principal 10/15/03 19:35:14 10/16/03 05:35:02 krbtgt/RONGAGE.ORG@RONGAGE.ORG renew until 10/16/03 19:35:14 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached root@raid:~# Here is the contents of /etc/krb5.conf: root@raid:/etc# less krb5.conf [libdefaults] default_realm = RONGAGE.ORG [realms] RONGAGE.ORG = { kdc = domain.rongage.org:88 default_domain = RONGAGE.ORG } And for completeness, here is the smb.conf: #======================= Global Settings ====================================[global] # workgroup = NT-Domain-Name or Workgroup-Name, eg: LINUX2 workgroup = RONGAGE netbios name = RAID server string = Samba Server ; hosts allow = 192.168.1. 192.168.2. 127. load printers = no # log level = 10 idmap uid = 10000-20000 idmap gid = 10000-20000 winbind enum users = yes winbind enum groups = yes template homedir = /home/%D/%U template shell = /bin/bash security = ads password server = domain.rongage.org encrypt passwords = yes realm = rongage.org ; printcap name = /etc/printcap ; printcap name = lpstat ; printing = bsd ; guest account = pcguest log file = /var/log/samba.%m max log size = 50 ; security = user ; password server = <NT-Server-Name> ; encrypt passwords = yes ; include = /usr/local/samba/lib/smb.conf.%m socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 ; interfaces = 192.168.12.2/24 192.168.13.2/24 ; local master = no ; os level = 33 ; domain master = yes ; preferred master = yes ; domain logons = yes ; logon script = %m.bat ; logon script = %U.bat ; logon path = \\%L\Profiles\%U ; wins support = yes ; wins server = w.x.y.z ; wins proxy = yes dns proxy = no ;[homes] ; comment = Home Directories ; browseable = no ; writable = yes # Un-comment the following and create the netlogon directory for Domain Logons ; [netlogon] ; comment = Network Logon Service ; path = /usr/local/samba/lib/netlogon ; guest ok = yes ; writable = no ; share modes = no # Un-comment the following to provide a specific roving profile share # the default is to use the user's home directory ;[Profiles] ; path = /usr/local/samba/profiles ; browseable = no ; guest ok = yes # NOTE: If you have a BSD-style print system there is no need to # specifically define each individual printer ;[printers] ; comment = All Printers ; path = /var/spool/samba ; browseable = no # Set public = yes to allow user 'guest account' to print ; guest ok = no ; writable = no ; printable = yes # This one is useful for people to share files ;[tmp] ; comment = Temporary file space ; path = /tmp ; read only = no ; public = yes # A publicly accessible directory, but read only, except for people in # the "staff" group [data] comment = Accounting path = /data public = yes writable = yes printable = no guest ok = yes create mode = 777 directory mode = 777 Can anybody please tell me what the heck I am doing wrong??? Thanks! -- Ronald R. Gage MCP, LPIC1, A+, Net+ Pontiac, Michigan ---------------------------------------------------------------- This message was sent using webmail provided by www.rongage.org