LinuxQuestions.org - Samba4 New Issue after upgrade to 4.1.x

- Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)

- - Samba4 New Issue after upgrade to 4.1.x (https://www.linuxquestions.org/questions/linux-server-73/samba4-new-issue-after-upgrade-to-4-1-x-4175476923/)

Samba4 New Issue after upgrade to 4.1.x

I have updated samba 4 from version 4.06 to 4.1.0 rc3 but I am having problems:

When trying to connect a win7 box to the domain I get password expired for the domain admin.

I have tried to reset the password to no avail:

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Sep 12 18:36:10 2013 from xxxx.local
root@PDC:~# kpasswd
kpasswd: Cannot contact any KDC for requested realm getting initial ticket
root@PDC:~# klist -e
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)
root@PDC:~# man klist
root@PDC:~# klist -l
Principal name Cache name
-------------- ----------
root@PDC:~# man klist
root@PDC:~# klist -k
Keytab name: FILE:/etc/krb5.keytab
klist: No such file or directory while starting keytab scan
root@PDC:~# man klist
root@PDC:~# klist -V
Kerberos 5 version 1.10.1
root@PDC:~# host -t SRV _ldap._tcp.mylan.local.
_ldap._tcp.mylan.local has SRV record 0 100 389 PDC.mylan.local.
root@PDC:~# host -t A PDC.mylan.local.
PDC.mylan.local has address 10.0.0.30
root@PDC:~# apt-get install krb5-user
Reading package lists... Done
Building dependency tree
Reading state information... Done
krb5-user is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@PDC:~# kinit administrator
kinit: Cannot contact any KDC for realm 'mylan.LOCAL' while getting initial credentials
root@PDC:~#

It seems there are some issues here with Kerberos; anyone have any ideas?

I get almost the same errors with version 4.0.8.
root@obgdc10:~# kpasswd
kpasswd: Client not found in Kerberos database getting initial ticket
root@obgdc10:~# klist -e
klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0)
root@obgdc10:~# klist -l
Principal name Cache name
-------------- ----------
root@obgdc10:~# klist -k
Keytab name: FILE:/etc/krb5.keytab
klist: No such file or directory while starting keytab scan
root@obgdc10:~# klist -V
Kerberos 5 version 1.10.1
root@obgdc10:~# host -t SRV _ldap._tcp.OBG.local.
_ldap._tcp.OBG.local has SRV record 0 100 389 obgdc10.obg.local.
root@obgdc10:~# host -t A obgdc10.obg.local.
obgdc10.obg.local has address 192.168.10.38
root@obgdc10:~# kinit administrator@OBG.LOCAL
kinit: Cannot contact any KDC for realm 'OBG.LOCAL' while getting initial credentials
root@obgdc10:~#
Did you get your 4.0.6 running?

Hi Warnerk,

No; though there is a much more up to date version at Samba 4.1.0 RC4 so over the next few nights when I get an opportunity I am going to wipe the server and start again on Debian Wheezy 7.1 using this newer version of Samba and will then see what the outcome is again.

It's quite an interesting piece of software and I'm keen to get it working properly in a stable and predictable manner as then I don't have to bother with Windows servers at home at all.

Though we will always be using Windows Desktop clients hence the need for Samba4 (as I need active directory and group policies).

I'll report back my findings.