Help with SMB, Krb5, and ADS.
Having problems with Samba/Winbind, and authenticating to ADS.
Running FC1 Samba/Wnbindd version 3.0.7-2.FC1
Question. Does FC1 support a higher version of Samba than 3.0.7-2?
When I restart Winbind, I get
"[2005/09/21 08:25:21, 1] nsswitch/winbindd.c:main(854)
winbindd version 3.0.7-2.FC1 started.
Copyright The Samba Team 2000-2004
[2005/09/21 08:25:21, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
krb5_cc_get_principal failed (No credentials cache found)"
All of the following are good to go!
1) Samba server installed. Don't need to start smbd services.
Samba version: 3.0.14a or higher.
Verificare AD support like this:
# smbd -b | grep LDAP
HAVE_LDAP_H
HAVE_LDAP
HAVE_LDAP_DOMAIN2HOSTLIST
...
# smbd -b | grep KRB
HAVE_KRB5_H
HAVE_ADDRTYPE_IN_KRB5_ADDRESS
HAVE_KRB5
...
# smbd -b | grep ADS
WITH_ADS
WITH_ADS
# smbd -b | grep WINBIND
WITH_WINBIND
WITH_WINBIND
2) ntp installed and running on both AD and Linux machine. Timing MUST be in sync
3) kerberos installed (file /etc/krb5.conf)
4) /lib/security/pam_winbind.so module installed
__________________________________________________ __
I run all these following tests and all work accept one.
TESTS:
#wbinfo -t - WORKS
checking the trust secret via RPC calls succeeded
What users? - WORKS
#wbinfo -u
...
Show groups now: - WORKS
#wbinfo -g
...
Can I login? - WORKS
#wbinfo -auser%password
plaintext password authentication succeeded
challenge/response password authentication succeeded
My SID, please - FAILS - Gives me error "Could not lookup name %username%"
#wbinfo -nuser
your SID here
passwd? - WORKS
#getent passwd
...
group? - WORKS
#getent group
|