Martinx - ジェームズ
2014-Aug-16 08:58 UTC
[Samba] Winbind File Server Domain Member Errors: "Client not found in Kerberos database" / "Could not receive trustdoms".
Guys, I'm seeing the following error at my Samba4 Domain Member File Server: --- ==> /var/log/samba/log.wb-DOMAIN <=[2014/08/16 05:39:26.616878, 0] ../source3/libads/kerberos_util.c:74(ads_kinit_password) kerberos_kinit_password FILE-SERVER$@REALM.DOMAIN.COM failed: Client not found in Kerberos database [2014/08/16 05:39:26.616962, 1] ../source3/winbindd/winbindd_ads.c:122(ads_cached_connection_connect) ads_connect for domain DOMAIN failed: Client not found in Kerberos database ==> /var/log/samba/log.winbindd <=[2014/08/16 05:39:27.256066, 1] ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) Could not receive trustdoms [2014/08/16 05:39:28.257587, 1] ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) Could not receive trustdoms [2014/08/16 05:39:29.258850, 1] ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) Could not receive trustdoms --- The command "kinit user" works... Kerberos seems to be fine at "file-server". How to fix this permanently?! I mean, last time I saw this messages, I did a "net ads leave / join" as a workaround but, the problem keep appearing over and over... Apparently, it is loosing its membership... But I don't know for sure... It is a Samba 4.1.6 on Ubuntu Trusty. The AD DC is also a Samba 4.1.6 + Bind9, Ubuntu Trusty too. The members based on Windows (Desktops) are working fine. Tips?! Tks! Thiago
steve
2014-Aug-16 14:10 UTC
[Samba] Winbind File Server Domain Member Errors: "Client not found in Kerberos database" / "Could not receive trustdoms".
On Sat, 2014-08-16 at 05:58 -0300, Martinx - ????? wrote:> Guys, > > I'm seeing the following error at my Samba4 Domain Member File Server: > > --- > ==> /var/log/samba/log.wb-DOMAIN <=> [2014/08/16 05:39:26.616878, 0] > ../source3/libads/kerberos_util.c:74(ads_kinit_password) > kerberos_kinit_password FILE-SERVER$@REALM.DOMAIN.COM failed: Client not > found in Kerberos database > [2014/08/16 05:39:26.616962, 1] > ../source3/winbindd/winbindd_ads.c:122(ads_cached_connection_connect) > ads_connect for domain DOMAIN failed: Client not found in Kerberos > database > > ==> /var/log/samba/log.winbindd <=> [2014/08/16 05:39:27.256066, 1] > ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) > Could not receive trustdoms > [2014/08/16 05:39:28.257587, 1] > ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) > Could not receive trustdoms > [2014/08/16 05:39:29.258850, 1] > ../source3/winbindd/winbindd_util.c:316(trustdom_list_done) > Could not receive trustdoms > --- > > The command "kinit user" works... Kerberos seems to be fine at > "file-server". > > How to fix this permanently?! > > I mean, last time I saw this messages, I did a "net ads leave / join" as a > workaround but, the problem keep appearing over and over... > > Apparently, it is loosing its membership... But I don't know for sure... > > It is a Samba 4.1.6 on Ubuntu Trusty. > > The AD DC is also a Samba 4.1.6 + Bind9, Ubuntu Trusty too. The members > based on Windows (Desktops) are working fine. > > Tips?! > > Tks! > ThiagoAt least give us something to check! smb.conf at both ends /etc/krb5.conf klist -k