After net ads join, kinit fails: Client not found...
I'm installing Samba with Security ADS (compiled
--with-winbind --with-ads --with-ldap --with-krb5) on
Solaris 8, for connect with ActiveDirectory W2K.
First, I created in AD Windows an account with the
same name that my solaris host and generated the
keytab with this:
C:\temp>ktpass princ host/[hidden email] mapuser mysolarishost -pass ad_user_pwd out
And add the file to /etc/krb5/krb5.keytab with
I ran kinit host/[hidden email], and it
asked me for a password (ad_usr_pwd) and all right.
Then I ran net ads join -U Administrator.
It asked for password and sent:
Using short domain name -- DOMAINNETBIOS
Joined 'MYSOLARISHOST' to realm 'DOMAIN.COM.MX'
After this, I ran SMB daemons. In log.smbd I get:
[2005/08/16 19:12:48, 0] smbd/server.c:main(802)
smbd version 3.0.20rc1 started.
Copyright Andrew Tridgell and the Samba Team
[2005/08/16 19:12:48, 0]
host/[hidden email] failed: Client not
found in Kerberos database
If I run kinit host/[hidden email], I
get this message:
kinit(v5): Client not found in Kerberos database while
getting initial credentials
So, the problem is when a run net ads join. After
that the authentication with AD W2K is broken. If I
delete the computer account in AD W2K, the kinit
command works again.
Here my configuration files:
workgroup = DOMAINNETBIOS
netbios name = mysolarishost
idmap uid = 10000-20000
idmap gid = 10000-20000
security = ads
realm = DOMAIN.COM.MX
password server = adw2kserver.domain.com.mx