Active Directory and Kerberos authentication - Help?! (fwd)
Darrin Chandler
dwchandler at stilyagin.com
Wed Feb 15 16:21:11 MST 2006
Bryan.ONeal at asu.edu wrote:
>Not sure how to tell, the Windows box is authenticating, and I believe in a
>2003/XP environment it must be authenticating via Kerberos. I suppose I can
>boot off of knopix and try that.
>
>
Just a shot in the dark. A bit of Googling came up with
http://lilly.csoft.net/~vdebaere/handleiding/samba-activedirectory/index_en.html,
which says...
--------------/CUT/--------------------
In my case everything went ok, but there are a few commonly encountered
error messages:
*
kinit: krb5_get_init_creds: unable to reach any KDC in realm
SAMPLEDOMAIN.INVALID
The kerberos libraries were unable to find the KDC for the
SAMPLEDOMAIN.INVALID realm. Check your /etc/resolv.conf settings.
Make sure your Active Directory PDC is above all other entries. In
case you don't want to mess with your nameserver settings, create
a /etc/krb5.conf file with these contents:
[libdefaults]
default_realm = SAMPLEDOMAIN.INVALID
[realms]
SAMPLEDOMAIN.INVALID = {
kdc = controller.sampledomain.invalid
}
[domain_realms]
.controller.sampledomain.invalid = SAMPLEDOMAIN.INVALID
--------------/CUT/--------------------
--
Darrin Chandler | Phoenix BSD Users Group
dwchandler at stilyagin.com | http://bsd.phoenix.az.us/
http://www.stilyagin.com/ |
More information about the PLUG-discuss
mailing list