error joining windows 2003 domain
I have a server that I was able to join a domain, but after a reboot I am having problems authenticating mail. Im not really sure where the problem is but here are some errors and some results of commands:
cat /var/log/secure Sep 22 16:13:44 hostname authdaemond: pam_winbind(imap:auth): request failed: No such user, PAM error was User not known to the underlying authentication module (10), NT error was NT_STATUS_NO_SUCH_USER Sep 22 16:13:51 hostname authdaemond: pam_unix(imap:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=myuser *hostname and *myuser are valid names, changed for security reasons wbinfo -u domain+administrator domain+guest domain+support_388945a0 domain+krbtgt domain+username domain+username2 domain+username3 domain+ldapuser domain+name$ wbinfo -g also comes back with correct group names The box is on the domain. But it's not authenticating correctly. I remember when I originally put it on the domain I had to make some changes to the "net ads join -Umyuser" command to get it to join correctly. I can't remember what I did and I cant find it in my notes When I try to do a net ads leave -Umyusername I get this [2008/09/22 16:46:14, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password hostname$@domain.COM failed: Preauthentication failed [2008/09/22 16:46:14, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password hostname$@domain.COM failed: Preauthentication failed maillog reference to me logging into my mail Sep 22 16:03:07 mailserver imapd-ssl: LOGIN FAILED, user=myuser, ip=[::ffff:myip] using my username and PW and myusername does have admin rights on the DC. net ads join -Umyuser myuser's password: [2008/09/22 16:50:54, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password hostname$@DOMAIN.COM failed: Preauthentication failed Failed to join domain: Logon failure klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: myuser@DOMAIN.COM Valid starting Expires Service principal 09/22/08 16:38:04 09/23/08 02:37:57 krbtgt/DOMAIN.COM@DOMAIN.COM renew until 09/23/08 16:38:04 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached Why would it break on a server reboot? What else can I post? uname -r 2.6.18-53.1.21.el5 |
All times are GMT -5. The time now is 04:21 AM. |