I have fixed this problem by changing the following line in /etc/krb5.conf
from
dns_lookup_realm = false
to
dns_lookup_realm = true
Why must i change this line?
When provisioning Samba4 the first time krb5.conf is generated
automatically with the option "dns_lookup_realm = false".
Am 14.09.2013 23:28, schrieb X-Dimension:> Hi!
>
> I've installed Samba4 like described here on Ubuntu 12.04.3
>
>
http://www.matrix44.net/cms/notes/gnulinux/samba-4-ad-domain-with-ubuntu-12-04
>
>
> DNS with BIND_DLZ backend seems to work and i can add DNS records
> without a problem with Microsoft RSAT.
>
> When i try kinit on the server i get the following:
>
> root at PDC:~# kinit administrator
> Password for administrator at MYDOMAIN.LAN:
>
> -> Works fine
>
> root at PDC:~# kinit administrator at MYDOMAIN.LAN
> Password for administrator at MYDOMAIN.LAN:
>
> -> Works fine
>
> root at PDC:~# kinit administrator at mydomain.lan
> Password for administrator at mydomain.lan:
> kinit: KDC reply did not match expectations while getting initial
> credentials
>
> -> Don't work
>
> When i try to join a Windows 7 Professional client to my domain, i get
> this:
>
> 1. Joining as user "administrator" to domain "mydomain"
or "MYDOMAIN"
> or "mydomain.lan" or "MYDOMAIN.LAN"
> -> wrong username or password
>
> 2. Joining as user "administrator at mydomain" to domain
"mydomain"
> -> works fine
> But after a reboot i can't login as "administrator at
mydomain" and i get
> wrong username and password
>
> My krb5.conf looks like this:
>
> [libdefaults]
> default_realm = MYDOMAIN.LAN
> dns_lookup_realm = false
> dns_lookup_kdc = true
>
> What goes wrong here?
>
> Thanks for help!
>
>