Атцы!
Помогите.
Имеем сабж, должен жить в домене MS AD (Win2000).
Джойнится в домен нормально, показывает информацию о домене, а вот при работе с доменом через керберос наблюдаются проблемы.
Имеем конфиг
[global]
dos charset = CP866
unix charset = UTF8
display charset = UTF8
workgroup = UPR
realm = UPR.EN.LG.UA
interfaces = 127.0.0.1, eth1
bind interfaces only = Yes
security = ADS
map to guest = Bad Password
null passwords = Yes
password server = 10.115.1.16
time server = Yes
wins server = 10.115.1.16
ldap suffix = ou=samba,dc=en,dc=lg.ua
ldap admin dn = ou=samba,dc=en,dc=lg.ua
ldap ssl = no
ldap delete dn = Yes
idmap backend = ldap:ldap://system1.en.lg.ua
idmap uid = 10000-20000
idmap gid = 10000-20000
template homedir = /home/%U
winbind use default domain = Yes
admin users = upr\user1, upr\user2
guest ok = Yes
veto files = /Thumbs.db/desktop.ini/
[ftp]
path = /u01
read only = No
==========================================================
имеем в логе
[2004/05/26 13:07:30, 1] nsswitch/winbindd.c:main(843)
winbindd version 3.0.4-SerNet-SuSE started.
Copyright The Samba Team 2000-2004
[2004/05/26 13:07:30, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain UPR UPR.EN.LG.UA S-0-0
[2004/05/26 13:07:30, 1] libsmb/clikrb5.c:ads_krb5_mk_req(314)
krb5_get_credentials failed for ofa$@UPR.EN.LG.UA (Message stream modified)
[2004/05/26 13:07:30, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(541)
spnego_gen_negTokenTarg failed: Message stream modified
[2004/05/26 13:07:30, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306)
krb5_cc_get_principal failed (No such file or directory)
[2004/05/26 13:07:30, 0] libads/kerberos.c:ads_kinit_password(137)
kerberos_kinit_password HOST/1u@UPR.EN.LG.UA failed: Client not found in Kerberos database
[2004/05/26 13:07:30, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain UPR failed: Client not found in Kerberos database
[2004/05/26 13:07:30, 1] libsmb/clikrb5.c:ads_krb5_mk_req(314)
krb5_get_credentials failed for ofa$@UPR.EN.LG.UA (Message stream modified)
[2004/05/26 13:07:30, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(541)
spnego_gen_negTokenTarg failed: Message stream modified
[2004/05/26 13:07:30, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain UPR-ES upr-es.upr.en.lg.ua S-1-5-21-2353440924-987137362-2006585126
[2004/05/26 13:07:30, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain BUILTIN S-1-5-32
[2004/05/26 13:07:30, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain 1U S-1-5-21-3178766697-398524316-1047387567
[2004/05/26 13:07:30, 1] libsmb/clikrb5.c:ads_krb5_mk_req(314)
krb5_get_credentials failed for ofa$@UPR.EN.LG.UA (Message stream modified)
[2004/05/26 13:07:30, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(541)
spnego_gen_negTokenTarg failed: Message stream modified
[2004/05/26 13:08:13, 1] libsmb/clikrb5.c:ads_krb5_mk_req(314)
krb5_get_credentials failed for ofa$@UPR.EN.LG.UA (Message stream modified)
[2004/05/26 13:08:13, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(541)
spnego_gen_negTokenTarg failed: Message stream modified
[2004/05/26 13:08:24, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306)
krb5_cc_get_principal failed (No such file or directory)
[2004/05/26 13:08:24, 0] libads/kerberos.c:ads_kinit_password(137)
kerberos_kinit_password HOST/1u@UPR.EN.LG.UA failed: Client not found in Kerberos database
[2004/05/26 13:08:24, 1] nsswitch/winbindd_ads.c:ads_cached_connection(81)
ads_connect for domain UPR failed: Client not found in Kerberos database
=================================================================
До этого на том же месте с тем же конфигом работала самба другой сборки, и работала неплохо (только винбинд ругался в лог и периодически падал, из-за чего и вынужден менять сборки), только ругалась следующим образом (это лог другого сервера, со старой сборкой, но ругань одинаковая).
[2004/05/26 14:12:49, 1] nsswitch/winbindd.c:main(843)
winbindd version 3.0.4-SUSE started.
Copyright The Samba Team 2000-2004
[2004/05/26 14:12:49, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain UPR UPR.EN.LG.UA S-0-0
[2004/05/26 14:13:13, 1] libsmb/clikrb5.c:ads_krb5_mk_req(306)
krb5_cc_get_principal failed (No such file or directory)
[2004/05/26 14:13:49, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain UPR-ES upr-es.upr.en.lg.ua S-1-5-21-2353440924-987137362-2006585126
[2004/05/26 14:13:49, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain BUILTIN S-1-5-32
[2004/05/26 14:13:49, 1] nsswitch/winbindd_util.c:add_trusted_domain(180)
Added domain SYSTEM1 S-1-5-21-2533164148-3059048036-4279830124
Где-то проблемы с керберос, но где-не пойму.
Помогите пожалуйста в первом или втором случае!
Сама самба работает идеально, но мне самба не очень нужна, мне нужен winbind!!!
Вариант для распечатки
OpenNET: Виртуальная конференция (Public)
on
26-Май-04, 15:23 (MSK)
