So I've looked further at this and noticed that samba seams to create it's own krb5 config-file in /var/lib/samba/smb_krb5/krb5.conf.PRESIDIO
It seams that if I add custom information to this file it gets overwritten upon restart of samba. The contents of this file is [libdefaults] default_realm = GARNSER.SE default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 [realms] GARNSER.SE = { kdc = 172.16.1.2 } I'm guessing winbind tries to bind with PRESIDIO given the name of the file. Anyone else seen this before? /Jonathan On Mon, Sep 28, 2009 at 4:14 AM, Andrew Masterson <andrew.master...@nuvistaenergy.com> wrote: >> [r...@presidio3 ~]# net ads join -U Administrator >> Enter Administrator's password: >> [2009/09/23 23:58:48, 0] libads/kerberos.c:ads_kinit_password(362) >> kerberos_kinit_password administra...@garnser.se failed: Cannot find >> KDC for requested realm >> Failed to join domain: failed to connect to AD: Cannot find KDC for >> requested realm >> >> Any idea why this is? > > Do you have > DOMAIN.NAME = { > kdc = pdc.domain.name:88 > ... > } > In your krb5.conf? Is your firewall allowing traffic to/from on port 88? Or > do you have > dns_lookup_kdc = no > in your krb5.conf file? (the default is supposed to be "yes") > And can you ping the kdc from your box? Is DNS resolving properly? > -=Andrew > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba