Prev: [Samba] Winbind.log - invalid trustdom response?
Next: [Samba] Running Samba-Swat on Ubuntu System
From: Geoffrey Scott on 30 Dec 2005 02:20
Question:
How can I stop users from being prompted for a password?
Is secrets.tdb needed?
Do you think my problems are caused by having a different workgroup to
realm?

Problems:
I've gone over samba-by-example 7.3.4.1 on setting up idmap_rid with winbind
quite a few times now. I also checked what JHT has said in chapter 12. All
of it seems correct. However I get loads of this before the machine finally
joins and shows up in the computers container of AD:

[2005/12/30 17:11:45, 0] libads/kerberos.c:get_service_ticket(356)
get_service_ticket: kerberos_kinit_password
FPSYD$@GUESTSFURNITUREHIRE.COM.AU(a)GUESTSFURNITUREHIRE.COM.AU failed: Client
not found in Kerberos database
[2005/12/30 17:11:45, 0] libads/kerberos.c:get_service_ticket(356)
get_service_ticket: kerberos_kinit_password
FPSYD$@GUESTSFURNITUREHIRE.COM.AU(a)GUESTSFURNITUREHIRE.COM.AU failed: Client
not found in Kerberos database
Joined 'FPSYD' to realm 'GUESTSFURNITUREHIRE.COM.AU'

I also have users being constantly asked for a username & password when they
access their homes share.

secrets.tdb doesn't get created.

These things work:
root# net ads testjoin
Join is OK

wbinfo -t or -u or -g all show what they are supposed to show.


CONF file below:
[global]
workgroup = GUESTSHIRE
realm = GUESTSFURNITUREHIRE.COM.AU
security = ADS
allow trusted domains = No
idmap backend = idmap_rid:GUESTSHIRE=5000-1000000
idmap uid = 5000-1000000
idmap gid = 5000-1000000
winbind use default domain = Yes
winbind nested groups = Yes

--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
 | 
Pages: 1
Prev: [Samba] Winbind.log - invalid trustdom response?
Next: [Samba] Running Samba-Swat on Ubuntu System