Re: [Samba] Samba4 Kerberos Authentication Error
- Date: Wed, 5 Dec 2018 13:00:38 -0500
- From: Marco Shmerykowsky PE via samba <samba@xxxxxxxxxxxxxxx>
- Subject: Re: [Samba] Samba4 Kerberos Authentication Error
On 12/5/2018 12:28 PM, Rowland Penny via samba wrote:
On Wed, 5 Dec 2018 12:19:39 -0500
Marco Shmerykowsky PE <marco@xxxxxxxxxxxxxxxxx> wrote:
Marco J. Shmerykowsky, PE, F.ASCE
Shmerykowsky Consulting Engineers
Structural Analysis & Design
102 West 38th Street, 2nd Floor
New York, New York 10018
Tel. (212) 719-9700 Fax. (212) 719-4822
On 12/5/2018 12:11 PM, Rowland Penny via samba wrote:
On Wed, 5 Dec 2018 11:33:01 -0500
Marco Shmerykowsky PE via samba <samba@xxxxxxxxxxxxxxx> wrote:
The Realm matches the DNS.
hostname -d returns -> internal.company.com
domain name is internal.company.com
I can ping both internal.company.com and
machine254.internal.company.com both resolve to the IP of
I checked winbind using the commands on the following page & all
returned as expected.
You have never said what OS you are using, but check /etc/krb5.conf.
Does it start with an 'include' line ?
If so remove it
Can you post the following files
Server: Fedora 29 with Samba 4.9.2
Client: Windows 10 version 1803 Build 17134.441
127.0.0.1 localhost localhost.localdomain localhost4
::1 localhost localhost.localdomain localhost6
192.168.0.251 machine254.internal.company.com machine254
# Generated by NetworkManager
default_realm = INTERNAL.COMPANY.COM
dns_lookup_realm = false
dns_lookup_kdc = true
# Generated by authselect on Fri Jun 1 19:19:08 2018
# Do not modify this file manually.
passwd: sss files systemd winbind
group: sss files systemd winbind
netgroup: sss files
automount: sss files
services: sss files
sudoers: files sss
hosts: files dns myhostname
aliases: files nisplus
bootparams: nisplus [NOTFOUND=return] files
This email has been checked for viruses by AVG.
Are you using the OS's Samba packages ?
If so, you should be aware that they are deemed experimental and do not
fully work, they have problems and this could be another one of them.
I was not aware of that. Suggestions?
To unsubscribe from this list go to the following URL and read the