Re: [Samba] Problem with nslcd and samba
Hi Steve nslookup : OK ldbsearch --url=/usr/local/samba/private/sam.ldb cn=admin01: see output file steve2.log samba-tool domain exportkeytab /tmp/test.keytab --principal=ADMIN01$: see output file steve3.log klist -k: see output file steve4.log This last command has a bad result for me. But I don't know why. regards Stéphane --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 De :steve A : samba@lists.samba.org, Date : 28/08/2013 11:52 Objet : Re: [Samba] Problem with nslcd and samba Envoyé par :samba-boun...@lists.samba.org On Wed, 2013-08-28 at 11:03 +0200, Stéphane PURNELLE wrote: > Hi, > > On the DC > > File-server and DC are on the same server. Hi Is it really there? nslookup admin01 ldbsearch --url=/usr/local/samba/private/sam.ldb cn=admin01 samba-tool domain exportkeytab /tmp/test.keytab --principal=ADMIN01$ klist -k Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with nslcd and samba
On Wed, 2013-08-28 at 11:03 +0200, Stéphane PURNELLE wrote: > Hi, > > On the DC > > File-server and DC are on the same server. Hi Is it really there? nslookup admin01 ldbsearch --url=/usr/local/samba/private/sam.ldb cn=admin01 samba-tool domain exportkeytab /tmp/test.keytab --principal=ADMIN01$ klist -k Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with nslcd and samba
Hi, On the DC File-server and DC are on the same server. --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 samba-boun...@lists.samba.org wrote on 28/08/2013 10:58:19: > De : steve > A : samba@lists.samba.org, > Date : 28/08/2013 10:59 > Objet : Re: [Samba] Problem with nslcd and samba > Envoyé par : samba-boun...@lists.samba.org > > On Wed, 2013-08-28 at 10:34 +0200, Stéphane PURNELLE wrote: > > Hi, > > > > I try to use nslcd with samba 4 for get suers and group for AD. > > if I do a ldapsearch, I have a message : > > > > Server not in kerberos database > > Hi > You get those errors when you are not joined to the domain. Is this the > DC or a client? > > > -- > To unsubscribe from this list go to the following URL and read the > instructions: https://lists.samba.org/mailman/options/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
Re: [Samba] Problem with nslcd and samba
On Wed, 2013-08-28 at 10:34 +0200, Stéphane PURNELLE wrote: > Hi, > > I try to use nslcd with samba 4 for get suers and group for AD. > if I do a ldapsearch, I have a message : > > Server not in kerberos database Hi You get those errors when you are not joined to the domain. Is this the DC or a client? -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] Problem with nslcd and samba
Hi, I try to use nslcd with samba 4 for get suers and group for AD. if I do a ldapsearch, I have a message : Server not in kerberos database if I do a getent passwd, nslcd display same error message. log of samba4: [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ administra...@cormandom.int-corman.be from ipv4:10.217.7.3:40947 for ldap/admin01.cormandom.int-corman...@cormandom.int-corman.be [canonicalize, renewable] [2013/08/28 10:15:47, 4] ../source4/dsdb/samdb/cracknames.c:169(LDB_lookup_spn_alias) LDB_lookup_spn_alias: no alias for service ldap applicable [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Searching referral for admin01.cormandom.int-corman.be [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Server not found in database: ldap/admin01.cormandom.int-corman...@cormandom.int-corman.be: no such entry found in hdb [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Failed building TGS-REP to ipv4:10.217.7.3:40947 [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: TGS-REQ administra...@cormandom.int-corman.be from ipv4:10.217.7.3:38379 for ldap/admin01.cormandom.int-corman...@cormandom.int-corman.be [renewable] [2013/08/28 10:15:47, 4] ../source4/dsdb/samdb/cracknames.c:169(LDB_lookup_spn_alias) LDB_lookup_spn_alias: no alias for service ldap applicable [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Server not found in database: ldap/admin01.cormandom.int-corman...@cormandom.int-corman.be: no such entry found in hdb [2013/08/28 10:15:47, 3] ../source4/auth/kerberos/krb5_init_context.c:80(smb_krb5_debug_wrapper) Kerberos: Failed building TGS-REP to ipv4:10.217.7.3:38379 [2013/08/28 10:15:47, 3] ../source4/smbd/service_stream.c:63(stream_terminate_connection) Terminating connection - 'ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED' [2013/08/28 10:15:47, 5] ../source4/lib/messaging/messaging.c:554(imessaging_cleanup) imessaging: cleaning up /srv/samba/private/smbd.tmp/msg/msg.17615.25 [2013/08/28 10:15:47, 3] ../source4/smbd/process_single.c:114(single_terminate) single_terminate: reason[ldapsrv_call_loop: tstream_read_pdu_blob_recv() - NT_STATUS_CONNECTION_DISCONNECTED] output of ldapsearch SASL/GSSAPI authentication started ldap_sasl_interactive_bind_s: Local error (-2) additional info: SASL(-1): generic failure: GSSAPI Error: Unspecified GSS failure. Minor code may provide more information (Server not found in Kerberos database) DNS config: BIND_DLZ Version of samba: samba 4.1rc1 anyone have idea ? best regards, Stéphane --- Stéphane PURNELLE Admin. Systèmes et Réseaux Service Informatique Corman S.A. Tel : 00 32 (0)87/342467 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
