Comments on: Troubleshooting Active Directory and Winbind http://www.linuxmail.info/troubleshooting-active-directory-centos-5/ Rapidly deploy Linux based mail solutions today Sat, 12 Sep 2009 22:40:43 +0000 hourly 1 http://wordpress.org/?v=3.0.1 By: Ryan http://www.linuxmail.info/troubleshooting-active-directory-centos-5/#comment-3750 Ryan Thu, 09 Jul 2009 16:44:47 +0000 http://www.linux-mail.info/troubleshooting-active-directory-centos-5/#comment-3750 It seems to me that everything is going smoothly. Kerberos auth works fine, I see the entries using getent, I can su to a domain user account and it creates the home directories, I get everything fine back from wbinfo. The problem is, on the login screen, it won't recognize the domain user accounts. /var/log/secure says that pam can't locate the user info. /etc/pam.d/login points to system-auth, which has all the right krb entries. Any advice? It seems to me that everything is going smoothly. Kerberos auth works fine, I see the entries using getent, I can su to a domain user account and it creates the home directories, I get everything fine back from wbinfo.

The problem is, on the login screen, it won’t recognize the domain user accounts. /var/log/secure says that pam can’t locate the user info. /etc/pam.d/login points to system-auth, which has all the right krb entries. Any advice?

]]> By: Greg http://www.linuxmail.info/troubleshooting-active-directory-centos-5/#comment-3687 Greg Thu, 28 May 2009 17:35:11 +0000 http://www.linux-mail.info/troubleshooting-active-directory-centos-5/#comment-3687 I get these two errors when joining the domain, and doing a getent passwd doesn't list the AD password/accounts on CENTOS 5 machine. Using short domain name -- XXDOMAIN DNS update failed! I get these two errors when joining the domain, and doing a getent passwd doesn’t list the AD password/accounts on CENTOS 5 machine.

Using short domain name — XXDOMAIN
DNS update failed!

]]> By: Carlos Sarmiento http://www.linuxmail.info/troubleshooting-active-directory-centos-5/#comment-726 Carlos Sarmiento Tue, 06 May 2008 16:34:23 +0000 http://www.linux-mail.info/troubleshooting-active-directory-centos-5/#comment-726 Hi. I'm running opensuse 10.3 and samba-3.0.26a-3.5. I'm trying to make Windbind and Active Directory work together.When I run smb -b |grep LDAP I don't get HAVE_LDAP_DOMAIN2HOSTLIST host:/etc/samba # smbd -b | grep LDAP HAVE_LDAP_H HAVE_LDAP HAVE_LDAP_ADD_RESULT_ENTRY HAVE_LDAP_INIT HAVE_LDAP_INITIALIZE HAVE_LDAP_SET_REBIND_PROC HAVE_LIBLDAP LDAP_SET_REBIND_PROC_ARGS Should I necessarily have it listed?. However trying: host:/etc/samba # kinit -V admin@PRUEBA Password for admin@PRUEBA: Authenticated to Kerberos v5 host:/etc/samba # net ads join -U admin admin's password: Using short domain name -- MAIN Joined 'HOST' to realm 'PRUEBA' host:/etc/samba # net ads testjoin Join is OK When I run wbinfo -u host:/etc/samba # wbinfo -u Error looking up domain users And I see the message in the log file and when I run 2008/05/02 13:32:30, 1] libads/cldap.c:recv_cldap_netlogon(247) Failed to parse cldap reply It seems it's working, but I just keep getting those errors in the log files and of course it won't work. Can anybody help me? Thank you in advance. Hi. I’m running opensuse 10.3 and samba-3.0.26a-3.5. I’m trying to make Windbind and Active Directory work together.When I run smb -b |grep LDAP I don’t get HAVE_LDAP_DOMAIN2HOSTLIST

host:/etc/samba # smbd -b | grep LDAP
HAVE_LDAP_H
HAVE_LDAP
HAVE_LDAP_ADD_RESULT_ENTRY
HAVE_LDAP_INIT
HAVE_LDAP_INITIALIZE
HAVE_LDAP_SET_REBIND_PROC
HAVE_LIBLDAP
LDAP_SET_REBIND_PROC_ARGS

Should I necessarily have it listed?.

However trying:
host:/etc/samba # kinit -V admin@PRUEBA
Password for admin@PRUEBA:
Authenticated to Kerberos v5

host:/etc/samba # net ads join -U admin
admin’s password:
Using short domain name — MAIN
Joined ‘HOST’ to realm ‘PRUEBA’

host:/etc/samba # net ads testjoin
Join is OK

When I run wbinfo -u

host:/etc/samba # wbinfo -u
Error looking up domain users

And I see the message in the log file and when I run
2008/05/02 13:32:30, 1] libads/cldap.c:recv_cldap_netlogon(247) Failed to parse cldap reply

It seems it’s working, but I just keep getting those errors in the log files and of course it won’t work. Can anybody help me?

Thank you in advance.

]]>