On Tue, Mar 7, 2017 at 8:54 PM, Michael Hirmke <mh@mike.franken.de> wrote:
Hi Roger,
I'm still fighting with this issue. The Windows server seems not to provide a clue.
LDAP server name: RAMSTODCZZ.ramboll.ramboll-group.global.network Realm: ZZZ.RAMBOLL-GROUP.GLOBAL.NETWORK Bind Path: dc=ZZZ,dc=RAMBOLL-GROUP,dc=GLOBAL,dc=NETWORK
This seems a bit strange. According to ths output: Your DC's fqdn is RAMSTODCZZ.ramboll.ramboll-group.global.network? But your domain is ZZZ.RAMBOLL-GROUP.GLOBAL.NETWORK? So your DC is not part of the domain? Do you have more than one domain in your forest and ZZZ is the root domain? If so, you should bind to the same domain your DC is part of.
Sorry about that. In a futile attempt not to provide system names, I changed some of the values. All The ZZZ are really something else. RAMSTODCZZ.ramboll.ramboll-group.global.network should have been RAMSTODCZZ.ZZZ.ramboll-group.global.network
But if I remember correctly, your krb5.conf did contain the correct server and domain names.
Besides that, you seem to have two different problems:
gss_init_sec_context failed with [Unspecified GSS failure. Minor code may provide more information: Server not found in Kerberos database] SPNEGO(gse_krb5) creating NEG_TOKEN_INIT failed: NT_STATUS_INTERNAL_ERROR
Ask your favorite search engine for "Server not found in Kerberos database". You will find a lot of hits - perhaps one of them can lead you to a solution.
I did search for that. I was none the wiser, as they were trying to fix Kerberos. But as kinit and all seem to be working, it does not look like my Kerberos setup is the issue. Maybe kinit is not a complete enough test? The question is: which thing can't it find tin this context that it can fine with kinit? And if something is not known to Kerberos, why is kinit working?
And
resolve_wins: WINS server resolution selected and no WINS servers listed. resolve_hosts: Attempting host lookup for name RAMBOLL<0x20> resolve_hosts: getaddrinfo failed for name RAMBOLL [Name or service not known] name_resolve_bcast: Attempting broadcast lookup for name RAMBOLL<0x20> Connection to RAMBOLL failed (Error NT_STATUS_UNSUCCESSFUL)
There seems to be a problem with WINS not working as expected. Do you have a "wins server =" entry in your smb.conf? And if so, is the entry correct.
I do not have this in my smb.conf. On Windows PCs in the network, DNS is defined. But no WINS servers are listed. I tried setting the server to the DNS servers (maybe the DNS server also provides WINS). No difference. I also do not have the wins server defined on the SAMBA machine (samba-3.6.12) that works. Sigh. -- Roger Oberholtzer -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org