Having problems with Samba/Winbind, and authenticating to ADS.
Running FC1 Samba/Wnbindd version 3.0.7-2.FC1


Question. Does FC1 support a higher version of Samba than 3.0.7-2?

When I restart Winbind, I get

"[2005/09/21 08:25:21, 1] nsswitch/winbindd.c:main(854)
winbindd version 3.0.7-2.FC1 started.
Copyright The Samba Team 2000-2004
[2005/09/21 08:25:21, 1] libsmb/clikrb5.c:ads_krb5_mk_req(313)
krb5_cc_get_principal failed (No credentials cache found)"



All of the following are good to go!

1) Samba server installed. Don't need to start smbd services.
Samba version: 3.0.14a or higher.
Verificare AD support like this:

# smbd -b | grep LDAP
HAVE_LDAP_H
HAVE_LDAP
HAVE_LDAP_DOMAIN2HOSTLIST
...

# smbd -b | grep KRB
HAVE_KRB5_H
HAVE_ADDRTYPE_IN_KRB5_ADDRESS
HAVE_KRB5
...

# smbd -b | grep ADS
WITH_ADS
WITH_ADS

# smbd -b | grep WINBIND
WITH_WINBIND
WITH_WINBIND

2) ntp installed and running on both AD and Linux machine. Timing MUST be in sync

3) kerberos installed (file /etc/krb5.conf)

4) /lib/security/pam_winbind.so module installed

__________________________________________________ __

I run all these following tests and all work accept one.

TESTS:


#wbinfo -t - WORKS
checking the trust secret via RPC calls succeeded

What users? - WORKS
#wbinfo -u
...

Show groups now: - WORKS
#wbinfo -g
...

Can I login? - WORKS
#wbinfo -auser%password
plaintext password authentication succeeded
challenge/response password authentication succeeded

My SID, please - FAILS - Gives me error "Could not lookup name %username%"
#wbinfo -nuser
your SID here

passwd? - WORKS
#getent passwd
...

group? - WORKS
#getent group

Your kerberos ticket is placed in /tmp. I notice that my ticket gets old sometimes and I need to delete the ticket and re-authenticate with "kinit -V administrator@whateverdomain.com" Then I dont get that error.