On Tue, 2014-02-04 at 16:22 +0000, Sven Geggus wrote:> Hello,
>
> I'm running a test setup with samba4 and a windows7 client which works
fine
> so far.
>
> Now I try to also join a Linux machine to get a single sign-on setup.
>
> However, this does not work. All I get is the following:
>
> root at linuxclient:~# net ads -U Administrator join
> Enter Administrator's password:
> kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
> Failed to join domain: failed to connect to AD: Invalid credentials
>
> Samba on both sides of the story is 4.1.3 from debian backports.
>
> Here is what /etc/samba/smb.conf currently looks like:
>
> [global]
> security = ads
> workgroup = SAMDOM
> realm = SAMDOM.EXAMPLE.COM
> netbios name = linuxclient
> kerberos method = system keytab
> server role = member server
Do you, perhaps, have something odd in your krb5.conf? Try to make it
just
[libdefaults]
dns_lookup_kdc = true
default_realm = SAMDOM.EXAMPLE.COM
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba