[Samba] Re: Cannot find KDC for requested realm

2004-09-20 Thread Aaron Bostick 
Just to let someone know, I resolved this problem by compiling kerberos as a
shared library.  I initially compiled kerberos as static libraries only
because I use Openpkg (www.openpkg.org).  Samba compiles fine this way but
at runtime, it apparently is not picking up the kerberos stuff it needed.

Anyone know how to compile samba using static library dependencies?  For
instance, I have the same problem with openldap.  It only works if its
compiled as a shared library but I would like to make it a static library
only.

Thanks,
Aaron

Aaron Bostick wrote:

 Hi, I am trying to get samba/winbind setup to do active directory
 authentication.  I am using samba 3.0.7, kerberos 1.3.5, and openldap
 2.2.17.
 
 I can kinit and klist just fine.  However, when I try to net ads join
 -d10 -Uabostick, I get the error listed below:
 
 [2004/09/16 17:04:26, 3] libads/sasl.c:ads_sasl_spnego_bind(211)
   ads_sasl_spnego_bind: got server principal name
 [EMAIL PROTECTED]
 [2004/09/16 17:04:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
   krb5_cc_get_principal failed (No credentials cache found)
 [2004/09/16 17:04:26, 0] libads/kerberos.c:ads_kinit_password(136)
   kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot
 find KDC for requested realm
 [2004/09/16 17:04:26, 0] utils/net_ads.c:ads_startup(183)
   ads_connect: Cannot find KDC for requested realm
 [2004/09/16 17:04:26, 2] utils/net.c:main(792)
   return code = -1
 
 I am not using an administrator account but my account has privileges to
 add computer accounts, so this shouldn't matter right?
 
 If I run kdestroy and clear my ticket, then run net ads join and put
 in my password, I get the error, but klist shows no ticket.  The net
 commands is not getting that far I guess.
 
 Also, like the HOWTO described, I ran kinit, got a ticket.  Then I ran
 net ads join but it still prompts me for as password!  It's almost as
 if samba is ignoring my kerberos cache.  I compiled using --with-krb5
 and configure output showed most of the kerberos stuff with yes.
 
 Any ideas on this?  Is this a bug or did I build samba incorrectly?
 
 Thanks,
 Aaron
 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

[Samba] Cannot find KDC for requested realm

2004-09-16 Thread Aaron Bostick 
Hi, I am trying to get samba/winbind setup to do active directory
authentication.  I am using samba 3.0.7, kerberos 1.3.5, and openldap
2.2.17.

I can kinit and klist just fine.  However, when I try to net ads join
-d10 -Uabostick, I get the error listed below:

[2004/09/16 17:04:26, 3] libads/sasl.c:ads_sasl_spnego_bind(211)
  ads_sasl_spnego_bind: got server principal name
[EMAIL PROTECTED]
[2004/09/16 17:04:26, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
  krb5_cc_get_principal failed (No credentials cache found)
[2004/09/16 17:04:26, 0] libads/kerberos.c:ads_kinit_password(136)
  kerberos_kinit_password [EMAIL PROTECTED] failed: Cannot
find KDC for requested realm
[2004/09/16 17:04:26, 0] utils/net_ads.c:ads_startup(183)
  ads_connect: Cannot find KDC for requested realm
[2004/09/16 17:04:26, 2] utils/net.c:main(792)
  return code = -1

I am not using an administrator account but my account has privileges to
add computer accounts, so this shouldn't matter right?

If I run kdestroy and clear my ticket, then run net ads join and put
in my password, I get the error, but klist shows no ticket.  The net
commands is not getting that far I guess.

Also, like the HOWTO described, I ran kinit, got a ticket.  Then I ran
net ads join but it still prompts me for as password!  It's almost as
if samba is ignoring my kerberos cache.  I compiled using --with-krb5
and configure output showed most of the kerberos stuff with yes.

Any ideas on this?  Is this a bug or did I build samba incorrectly?

Thanks,
Aaron

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba