Dear all
Version: samba 3.0.21a
Server: Windows 2000 mixed (R2K-PDC)
steps
-- net rpc join domain -U administrator%xxxxx , (success joined)
-- start winbindd => OK
-- wbinfo -u => failed, error message
kerberos_kinit_password RO120$@R2K-PDC.COM failed: Cannot
resolve network address for KDC in requested realm
ads_connect for domain R2K-PDC failed: Cannot resolve network address for
KDC in requested realm
-- wbinfo -m => disply trust domain?
R2K-PDC (is it corrent result?)
the same steps and configurations, this error is not happen with smaba
version 3.0.20b
and I found that " wbinfo -m" after join domain,
the reuslt of 3.0.20b is empty, wbinfo -u has no problem.
Rocky
Hi
But why kerberos? If your Server is in mixed mode the Kerberos should
not be involved at all.
Check your winbind configuration.
And if you will send your samba configuration plus /etc/krb5.conf I
could help you more.
Dina
-----Original Message-----
From: samba-bounces+dina=exanet.com@lists.samba.org
[mailto:samba-bounces+dina=exanet.com@lists.samba.org] On Behalf Of Lee
Rocky
Sent: Wednesday, January 04, 2006 9:20 AM
To: samba@lists.samba.org
Subject: [Samba] samba 3.0.21a rpc joined domain question
Dear all
Version: samba 3.0.21a
Server: Windows 2000 mixed (R2K-PDC)
steps
-- net rpc join domain -U administrator%xxxxx , (success joined)
-- start winbindd => OK
-- wbinfo -u => failed, error message
kerberos_kinit_password RO120$@R2K-PDC.COM failed: Cannot
resolve network address for KDC in requested realm ads_connect for
domain R2K-PDC failed: Cannot resolve network address for KDC in
requested realm
-- wbinfo -m => disply trust domain?
R2K-PDC (is it corrent result?)
the same steps and configurations, this error is not happen with smaba
version 3.0.20b
and I found that " wbinfo -m" after join domain, the reuslt of
3.0.20b
is empty, wbinfo -u has no problem.
Rocky
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Gerald (Jerry) Carter
2006-Jan-04 16:30 UTC
[Samba] samba 3.0.21a rpc joined domain question
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Lee Rocky wrote:> Dear all > > Version: samba 3.0.21a > Server: Windows 2000 mixed (R2K-PDC) > > steps > -- net rpc join domain -U administrator%xxxxx , (success joined) > -- start winbindd => OK > -- wbinfo -u => failed, error message > kerberos_kinit_password RO120$@R2K-PDC.COM failed: Cannot > resolve network address for KDC in requested realm > ads_connect for domain R2K-PDC failed: Cannot resolve network address for > KDC in requested realmThis is correct behavior now. Either (a) fix you /etc/krb5.conf file, or (b) specifiy --without-ads at configure time. Winbindd now always tries to use ldap/kerberos if possible. The is part of the auto-detection changes mentioned in the release notes. I agree that this is a slightly incompatible change that makes upgrading a little bit more work. But the result is much better compatibility with domains. cheers, jerry ====================================================================Alleviating the pain of Windows(tm) ------- http://www.samba.org Centeris ----------- http://www.centeris.com "There's an anonymous coward in all of us." --anonymous -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDu/gZIR7qMdg1EfYRAno/AKC3kKdGIn7V3aQmsY4KbEKf8bA3MgCfSA68 GnsP3BUx5yFxVId8sAsQKCI=viSZ -----END PGP SIGNATURE-----
On Wed, 2006-01-04 at 10:30 -0600, Gerald (Jerry) Carter wrote:> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Lee Rocky wrote: > > Dear all > > > > Version: samba 3.0.21a > > Server: Windows 2000 mixed (R2K-PDC) > > > > steps > > -- net rpc join domain -U administrator%xxxxx , (success joined) > > -- start winbindd => OK > > -- wbinfo -u => failed, error message > > kerberos_kinit_password RO120$@R2K-PDC.COM failed: Cannot > > resolve network address for KDC in requested realm > > ads_connect for domain R2K-PDC failed: Cannot resolve network address for > > KDC in requested realm > > This is correct behavior now. Either (a) fix you /etc/krb5.conf file, > or (b) specifiy --without-ads at configure time. > > Winbindd now always tries to use ldap/kerberos if possible. > The is part of the auto-detection changes mentioned in the > release notes. I agree that this is a slightly incompatible > change that makes upgrading a little bit more work. But > the result is much better compatibility with domains.(for the list) As I mentioned on IRC, we might in some situations be able to do LDAP/NTLMSSP, for greater compatibility. The code is in sasl.c, but is disabled by all the current codepaths. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org Student Network Administrator, Hawker College http://hawkerc.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part Url : http://lists.samba.org/archive/samba/attachments/20060106/4b9a4707/attachment.bin