Hello,
the same problem happens to me with a RHEL4 system.
Another point is that using "net ads join" with existing kerberos
credentials is not working:
[root@rhws tmp]# kinit Administrator
Password for Administrator@W2K3.EXAMPLE.COM:
[root@rhws tmp]# klist -5
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@W2K3.EXAMPLE.COM
Valid starting Expires Service principal
05/09/06 16:07:35 05/10/06 02:07:36 krbtgt/W2K3.EXAMPLE.COM@W2K3.EXAMPLE.COM
renew until 05/10/06 16:07:35
[root@rhws tmp]# /usr/bin/net ads join
root's password:
...
(It should not ask for root's password, but use the name
"Administrator" from the kerberos credential cache instead).
On Mon, May 08, 2006 at 10:37:18PM -0500, Matt Sellers
wrote:> Hello All,
>
> Im using a fresh install of CentOS 4.3 fully updated with the
> latest
> Samba packages from SerNet.de
>
> http://enterprisesamba.org/index.php?id=64
>
> While I have used Samba/Winbind for quite some time, Im have a
> peculiar
> problem with these RPM's. When I try to "net ads join -U
> <username>" to
> join of ADS realm, I get this error...
>
> [root@ctilinux3 sernet-samba]# net -V
> Version 3.0.22-SerNet-RedHat
> [root@ctilinux3 sernet-samba]# net ads join -U msellers
> msellers's password:
> [2006/05/08 23:02:12, 0] utils/net_ads.c:ads_startup(191)
> ads_connect: Program lacks support for encryption type
> [root@ctilinux3 sernet-samba]#
>
> While I do have the latest krb5 libs installed from the CentOS
> repo, its
> my understanding that Sernet statically compiles their own
> kerberos
> libraries for compatibility, at least what their site says....
ldd /usr/bin/smbd looks like Sernet's package is linked against the
system kerberos library (MIT kerberos):
[root@rhws tmp]# rpm -qf /usr/sbin/smbd
samba3-3.0.22-26
[root@rhws tmp]# rpm -qi samba3
Name : samba3 Relocations: (not relocatable)
Version : 3.0.22 Vendor: Service Network GmbH,
Goettingen
Release : 26 Build Date: Fri 31 Mar 2006
01:30:19 PM CEST
Install Date: Mon 08 May 2006 12:56:45 PM CEST Build Host: opi
Group : Productivity/Networking/Samba Source RPM:
samba3-3.0.22-26.src.rpm
Size : 44867747 License: GNU GPL
Signature : (none)
Packager : SerNet Samba Team <Samba@SerNet.DE>
URL : http://www.samba.org
Summary : An SMB/CIFS file server
Description :
Samba is a suite of programs which work together to allow clients to
access Unix filespace and printers via the SMB/CIFS protocol.
[root@rhws tmp]# ldd /usr/sbin/smbd | grep krb
libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00319000)
libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x002c7000)
[root@rhws tmp]#
but it also seems to have some parts of heimdal included:
[root@rhws tmp]# strings /usr/sbin/smbd | grep -i heimd
heimdal_long_version
heimdal_version
Heimdal 0.7.2
@(#)$Version: Heimdal 0.7.2 by root on opi (i686-pc-linux-gnu) Fri Mar 31
05:23:15 EST 2006 $
[root@rhws tmp]#
I don't know if that is the reason for the problem, but linking
against two differnt kerberos libraries might cause trouble.
Mark
>
> I have successfully compiled samba from source on CentOS, but
> have never
> gotten these SerNet binaries to work. Can anybody point me in
> the
> direction to fix this, or explain?
>
> Thanks all :-)
>
> --
> Matt Sellers
> matt@indigo.nu
>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba