Hi! I have a problem with winbind 3.3.6 (debian sid pkg) and windows 2008 ad... I can Join, I can see the ad users with wbinfo -u but I cant see them with getent passwd... see this errors in the log file: [2009/07/04 12:44:53, 1] libsmb/clikrb5.c:ads_krb5_mk_req(686) ads_krb5_mk_req: krb5_get_credentials failed for beelzebub$@CHAOS (Cannot resolve network address for KDC in requested realm) [2009/07/04 12:44:53, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(624) cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot resolve network address for KDC in requested realm What wrong? Greetz
Ah forgotten to paste my config:
[global]
workgroup = CHAOS
realm = CHAOS.LOCAL
netbios name = moloch
server string =
%h file server (Samba %v)
log file
= /var/log/samba/log.%m
max log size = 1000
syslog = 0
panic action =
/usr/share/samba/panic-action %d
security = ADS
password server = beelzebub.chaos.local
idmap backend
= ad
idmap uid = 10000-20000000
idmap gid = 10000-20000000
winbind nss info = rfc2307
winbind refresh tickets = yes
winbind enum users = yes
winbind enum groups = yes
use kerberos keytab
= yes
interfaces = br0 lo
bind interfaces only = yes
hosts allow = 127.0.0.0/8 ,
192.168.50.0/24, 2001:6f8:1316:1234/64
template homedir = /home/%D/%U
template shell = /bin/bash
winbind use default domain = yes
client use spnego = yes
client ntlmv2 auth = yes
encrypt passwords = true
restrict anonymous = 2
winbind separator = \
client schannel = no
socket options = TCP_NODELAY
SO_RCVBUF=8192 SO_SNDBUF=8192
unix extensions = no
Christoph Kaminski schrieb:> Hi! > > I have a problem with winbind 3.3.6 (debian sid pkg) and windows 2008 ad... > > I can Join, I can see the ad users with wbinfo -u but I cant see them > with getent passwd... > > see this errors in the log file: > > [2009/07/04 12:44:53, 1] libsmb/clikrb5.c:ads_krb5_mk_req(686) > ads_krb5_mk_req: krb5_get_credentials failed for beelzebub$@CHAOS > (Cannot resolve network address for KDC in requested realm) > [2009/07/04 12:44:53, 1] > libsmb/cliconnect.c:cli_session_setup_kerberos(624) > cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot > resolve network address for KDC in requested realm > > What wrong? > > GreetzNo one an idea? :( Greetz
On Tue, Jul 07, 2009 at 12:25:11PM +0200, Christoph Kaminski wrote:> Christoph Kaminski schrieb: >> Hi! >> >> I have a problem with winbind 3.3.6 (debian sid pkg) and windows 2008 ad... >> >> I can Join, I can see the ad users with wbinfo -u but I cant see them >> with getent passwd... >> >> see this errors in the log file: >> >> [2009/07/04 12:44:53, 1] libsmb/clikrb5.c:ads_krb5_mk_req(686) >> ads_krb5_mk_req: krb5_get_credentials failed for beelzebub$@CHAOS >> (Cannot resolve network address for KDC in requested realm) >> [2009/07/04 12:44:53, 1] >> libsmb/cliconnect.c:cli_session_setup_kerberos(624) >> cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Cannot >> resolve network address for KDC in requested realm >> >> What wrong? >> >> Greetz > > No one an idea? :(Try to properly set up /etc/krb5.conf. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: Digital signature Url : http://lists.samba.org/archive/samba/attachments/20090707/0fe2075b/attachment.bin