Web lists-archives.com

Re: [Samba] Login to AD Member Fail




On Wed, 27 Jun 2018 15:27:43 +0200
basti via samba <samba@xxxxxxxxxxxxxxx> wrote:

> On 27.06.2018 15:17, Rowland Penny via samba wrote:
> 
> > What is in /etc/krb5.conf ?
> > 
> > Rowland
> > 
> I think there is a Problem with krb5.conf
> 
> Fileserver1
> 
> root@srv-031:~# cat /etc/krb5.conf
> [libdefaults]
>     default_realm = DOM.EXAMPLE.COM
>     dns_lookup_realm = false
>     dns_lookup_kdc = true

That is the default Samba krb5.conf

> 
> 
> Fileserver with login Error
> 
> 
> root@srv-007:/var/log/samba# cat /etc/krb5.conf
> default = FILE:/var/log/krb5libs.log
> kdc = FILE:/var/log/krb5kdc.log
> admin_server = FILE:/var/log/kadmind.log
> 
> [libdefaults]
>     default_realm = DOM.EXAMPLE.COM
>     dns_lookup_realm = false
>     dns_lookup_kdc = true
>     ticket_lifetime = 24h
>     forwardable = yes
> 
> [realms]
>  DOM.EXAMPLE.COM = {
>   kdc = dc1.dom.example.com:88
>   admin_server = dc1.dom.example.com:749
>   default_domain = example.com
>  }
> 
> [domain_realm]
>  .EXAMPLE.COM = EXAMPLE.COM
>  EXAMPLE.COM = EXAMPLE.COM

And that is the default OS krb5.conf.
It should work though, it contains the same info as the Samba one.
You could try changing it to match the working fileserver.
I would also compare the dns files (/etc/hosts, /etc/resolv.conf and
the global portion of smb.conf) to see if there is any differences.

Rowland
 


-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba