Hello world,
I have serious problems with samba and WS2008r2 DC using native mode ??.
I can join the domain and winbind is working well. I have no domain
administrator rights and machine account was pre-created with modified
rights documented
<http://docs.hp.com/en/7212/ADSJoinMinimumPerms.pdf#search=%22samba%20join%20ads%20user%20propert%22>
Now I am trying to get ticket with kinit -k
(keytab created with net ads keytab create) with no success.
I get error 'Client not found in Kerberos database while getting initial
credentials' or ' Key table entry not found while getting initial
credentials'. My goal kerberize nfs and cups with
net ads keytab crete nfs ipp
Is there any hope to get it running?
I put my config files and logs with full debug enabled to
http://www.helsinki.fi/~masse/samba/
I am using ubuntu 9.10 and default samba 2:3.4.0-3ubuntu5.1.
root at kakkosmasse:~# net ads testjoin -U masse
Join is OK
masse at kakkosmasse:/$ klist
Ticket cache: FILE:/tmp/krb5cc_1030118_LhjGfN3125
Default principal: masse at HYTEST.HELSINKI.FI
Valid starting Expires Service principal
11/26/09 10:49:56 11/26/09 20:49:56
krbtgt/HYTEST.HELSINKI.FI at HYTEST.HELSINKI.FI
renew until 11/27/09 10:49:56
masse at kakkosmasse:/$ smbclient -k -L localhost
ads_krb5_mk_req: krb5_get_credentials failed for
cifs/kakkosmasse at HYTEST.HELSINKI.FI (Server not found in Kerberos database)
cli_session_setup_kerberos: spnego_gen_negTokenTarg failed: Server not
found in Kerberos database
session setup failed: SUCCESS - 0
--
Mikko Hirvonen <Mikko.V.Hirvonen at helsinki.fi> HY/Tietos/Verkkopalvelut
