Hi,
I am trying to set up our SLES 10 user accounts so they can log in
with =
their windows 2000 server active directory credentials.
This works for console GUI login, and even if you su, but we get the following error at the text login prompt:
login: EURO_NT\fred
Password for EURO_NT\fred:
login: Client not found in Kerberos database while getting initial credentials
Login incorrect
I also get the following errors when doing a net ads join:
[2007/03/06 09:16:47, 0] libads/kerberos.c:get_service_ticket(399)
get_service_ticket: kerberos_kinit_password =
DIONYSUS$@EUROLIFE.CO.UK@EUROLIFE.CO.UK failed: Preauthentication
failed
[2007/03/06 09:16:47, 0] libads/kerberos.c:get_service_ticket(399)
get_service_ticket: kerberos_kinit_password =
DIONYSUS$@EUROLIFE.CO.UK@EUROLIFE.CO.UK failed: Preauthentication
failed
[2007/03/06 09:16:47, 0] libads/kerberos.c:get_service_ticket(399)
get_service_ticket: kerberos_kinit_password =
DIONYSUS$@EUROLIFE.CO.UK@EUROLIFE.CO.UK failed: Preauthentication
failed
................
Joined 'DIONYSUS' to realm 'EUROLIFE.CO.UK'
Although, bar the above, joining the domain seems to be successful.
smb.conf:
[global]
workgroup = EURO_NT
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
idmap gid = 10000-20000
idmap uid = 10000-20000
realm = EUROLIFE.CO.UK
security = ADS
template homedir = /home/%D/%U
template shell = /bin/bash
winbind refresh tickets = yes
add machine script = /usr/sbin/useradd -c Machine -d = /var/lib/nobody -s /bin/false %m$
domain logons = No
domain master = No
netbios name = DIONYSUS
# comment = Neptune Linux Server Thing
# password server = *
passdb backend = smbpasswd
wins server = 10.1.0.2
wins support D No
krb5.conf:
[libdefaults]
default_realm = EUROLIFE.CO.UK
clockskew = 300
[realms]
EUROLIFE.CO.UK = {
kdc = 10.1.0.2
default_domain = eurolife.co.uk
admin_server = 10.1.0.2
wins_server = 10.1.0.2
kpasswd_server = 10.1.0.2
}
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmind.log
default = SYSLOG:NOTICE
AEMON
[domain_realm]
.eurolife.co.uk = EUROLIFE.CO.UK
[appdefaults]
pam = {
ticket_lifetime = 1d
renew_lifetime = 1d
forwardable = true
proxiable = false
retain_after_close = false
minimum_uid = 0
try_first_pass = true
}
Thanks for any help!
Kind regards,
goatBadger