[Samba] Authentify User again Windows 2003 Active Directory
Hello List,
I'm running Samba 3.0.14a-Debian.
I want to authentifcate the Users again the Windows Active Directory,
but it will not works fine.
I've joined the Active Directory without problems.
net join -S sfmdc004 -UP7812%password
When I check a user on the CLI it seems to work
SFPDF053:~# kinit P7812
[EMAIL PROTECTED]'s Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
kinit: converting creds: Cannot contact any KDC for requested realm
But what is about the last message ? Cannot contact any KDC ?
Here is my config smb.conf:
#=== Global Settings ===
[global]
workgroup = STBS1
server string = SFPDF084
netbios name = SFPDF084
comment = PDF-Server
security = ADS
domain master = no
domain logons = no
preferred master = no
local master = no
log file = /var/log/samba/log.%m
realm=STBS1.STBS.ORG
wins server = 10.10.4.21
wins support = no
winbind uid = 1-1
winbind gid = 1-1
idmap uid = 1-2
idmap gid = 1-2
winbind enum users = No
winbind enum groups = No
winbind use default domain = No
algorithmic rid base = 1
nis homedir = true
invalid users = root
max log size = 1000
socket options = TCP_NODELAY
encrypt passwords = yes
os level = 64
obey pam restrictions = yes
printing = cups
printcap = cups
load printers = yes
name resolve order = hosts lmhosts wins bcast
passdb backend = tdbsam
#=== Share Definitions
===
[treiber]
path = /var/www/treiber
comment = Treiberordner
public = Yes
writable = Yes
browsable = yes
create mask = 0777
directory mask = 0777
and here /etc/krb5.conf
[libdefaults]
default_realm = STBS1.STBS.ORG
dns_lookup_realm = false
[realms]
STBS1.STBS.ORG = {
kdc = tcp/sfmdc004.stbs1.stbs.org
admin_server = sfmdc004.stbs1.stbs.org
}
[domain_realm]
.stbs.org = STBS1.STBS.ORG
.stbs1.stbs.org = STBS1.STBS.ORG
With Kind regards
Dominik
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
Re: [Samba] Authentify User again Windows 2003 Active Directory
Weber, Dominik schrieb:
Hello List,
I'm running Samba 3.0.14a-Debian.
I want to authentifcate the Users again the Windows Active Directory,
but it will not works fine.
I've joined the Active Directory without problems.
net join -S sfmdc004 -UP7812%password
When I check a user on the CLI it seems to work
SFPDF053:~# kinit P7812
[EMAIL PROTECTED]'s Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
kinit: converting creds: Cannot contact any KDC for requested realm
But what is about the last message ? Cannot contact any KDC ?
Here is my config smb.conf:
kinit ist not samba so:
[SNIP]
and here /etc/krb5.conf
[libdefaults]
default_realm = STBS1.STBS.ORG
dns_lookup_realm = false
[realms]
STBS1.STBS.ORG = {
kdc = tcp/sfmdc004.stbs1.stbs.org
admin_server = sfmdc004.stbs1.stbs.org
}
[domain_realm]
.stbs.org = STBS1.STBS.ORG
.stbs1.stbs.org = STBS1.STBS.ORG
With Kind regards
Dominik
sfmdc004.stbs1.stbs.org resolves 4 ip addresses.
3 of them in the same subnet. Are you shure that all are the same machine?
Perhaps you could use an ip address in the krb5.conf.
Bye,
~ Martin
--
Martin Zielinski [EMAIL PROTECTED]
Software Development
SEH Computertechnik GmbH www.seh.de
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
