
Thread: Open Ldap kinit error

  1. #1

    Open Ldap kinit error

    I just figured out I am going about this all wrong.
    Totally confused. My goal is to authenticate Linux against Active Directory
    as a member file server in an existing ADS network.
    I shut down the LDAP server since it is not necessary.
    I started following this tut: Authenticating Linux against Active Directory.

    However, I am getting this and I'm stuck again.

    Getting this error:

    INSCSUSE:~ # kinit bill
    kinit(v5): Cannot resolve network address for KDC in realm INSC.LOCAL while getting initial credentials

    Help much appreciated, this is so frustrating!

  2. #2

    Re: Open Ldap kinit error

    Where in the setup did you get to?

    Also, for /etc/init.d/smbd status and /etc/init.d/winbindd status, what do they return?

  3. #3

    Re: Open Ldap kinit error

    After putting my domain name in /etc/hosts, kinit created the file. Problem is
    there is no /etc/security/pam_unix2.conf file to complete the tut.

    Now I am stuck here.
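
The kinit error in post #1 is a name-resolution failure for the KDC of realm INSC.LOCAL, which is why the /etc/hosts entry in post #3 got past it. The check below is an added example, not part of the thread: it reads the kdc entries for a realm from krb5.conf text and reports which host names do not resolve. The sample file and the host name dc1.insc.local are constructed assumptions.

```python
import re
import socket

# Constructed sample; the host name dc1.insc.local is an assumption.
SAMPLE_KRB5_CONF = """\
[libdefaults]
    default_realm = INSC.LOCAL

[realms]
    INSC.LOCAL = {
        kdc = dc1.insc.local:88
        admin_server = dc1.insc.local
    }
"""

def kdcs_for_realm(conf_text, realm):
    """Return kdc host names for realm in [realms] (flat realm blocks only)."""
    section, current, hosts = None, None, []
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section, current = line[1:-1].strip().lower(), None
        elif section == "realms" and line.endswith("{"):
            current = line.split("=", 1)[0].strip()
        elif line.startswith("}"):
            current = None
        elif current == realm and "=" in line:
            key, value = (part.strip() for part in line.split("=", 1))
            if key == "kdc":
                hosts.append(re.sub(r":\d+$", "", value))  # drop optional port
    return hosts

def diagnose(conf_text, realm, resolve=socket.getaddrinfo):
    """Report whether the realm's configured KDC host names resolve."""
    hosts = kdcs_for_realm(conf_text, realm)
    if not hosts:
        return f"{realm}: no kdc entries; lookup depends on DNS SRV records"
    bad = []
    for host in hosts:
        try:
            resolve(host, 88)
        except socket.gaierror:
            bad.append(host)
    if bad:
        return f"{realm}: unresolvable KDC host(s): {', '.join(bad)}"
    return f"{realm}: all KDC hosts resolve"

if __name__ == "__main__":
    print(diagnose(SAMPLE_KRB5_CONF, "INSC.LOCAL"))
```

On a real host, pass the contents of /etc/krb5.conf instead of the sample; a realm with no kdc entries is not necessarily broken, but then the domain's DNS server has to be the one the Linux box queries.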

  4. #4

    Re: Open Ldap kinit error

    Funny, went into yast samba windows membership and was able to add the server to the domain.
    But I can't log into it with any domain users.
    Have a hunch it is because of the missing pam_unix2.conf file, which is not in the /etc/security directory where the tut said it should be. Please, anyone know why or how to fix this?

  5. #5

    Re: Open Ldap kinit error

    Open yast and search for pam. Ensure that everything is installed properly. One thing: I noticed you said that you were manually editing the pam conf files. If you go through, set up the ntp client, then set the krb5 client, and then join to the domain, the only file I can think that you might want to edit at all would be the pam_mount.xml file or the smb.conf file to get rid of the %D variable. I never have to edit the pam files directly anymore. Yast usually takes care of it for me.

  6. #6

    Re: Open Ldap kinit error

    I edited the kerberos file directly, because I couldn't find the kerberos client in yast. Not the pam, because
    it wasn't there. I am brand new to this; the only thing I know is what the tutorial told me. What do you mean by look for pam in yast? A pam client? Or search for an rpm and install it if it is not there?

    Also, in smb.conf is there anything I should
    add? I remember changing workgroup = INSC.local to
    Domain = INSC.local manually. Which one should it be, and does that make a difference? Do I need to manually add any winbind statements? Need some guidance here.
    I am lost.

  7. #7

    Re: Open Ldap kinit error

    Update on situation.
    Found kerberos client tool in yast.
    Checked off use kerberos.
    Clicked ok. Said it was installing pam.
    After that, still no pam_unix2.conf file in /etc/security.
    Even though the domain is visible in kde,
    same effect: if I pick the domain and a domain user,
    it fails to authenticate. But under windows domain membership it seems to be a member of the domain. I can only click leave. When I tried to leave, got this error:
    :failed to leave domain: failed to disable machine account via rpc: NT_STATUS_NONE_MAPPED.
    Will search around in yast for pam, or pam rpms. Somebody help, hope editing krb5.conf
    by hand originally didn't cause this.

  8. #8

    Re: Open Ldap kinit error

    Update: went into ldap client config, put in my dc as the ldap server. dc=Insc.local com=local.
    Then went back to domain membership and my server is no longer a member of the domain.

    Tried to add it and got: Failed to join domain: failed to connect to AD: Cannot resolve network address for KDC in requested realm. Heeeelp!

    No, scratch that, tried a second time, now it says it joined successfully.
    Have to walk over now again to see if I can get in to server locally with any domain accounts.

  9. #9

    Re: Open Ldap kinit error

    Update again: didn't walk over. But it seems that I have the permissions on the AD network of the user I added the linux box with, 'cause I can browse all the resources that belong to my user. Only question is now, how do I assign permissions to shares I create on my Linux server to current Active Directory users in INSC.LOCAL Domain?

  10. #10

    Re: Open Ldap kinit error

    Update again.
    For some strange reason, even though the Domain
    name shows up on the kde login screen, at the server
    authentication fails there. I mean interactively.
    Also, if I fail to login several times, kde freezes and I am forced to reboot. Also it freezes every time I log off. I added the server as a regular user and not administrator. Not sure if that has anything to do with it.
    However, if I log it in locally, the Windows Domain membership in yast has me in INSC.LOCAL, and I can view all the servers and directories that the user I used to add the linux server to the AD had. I might be able to work around this but it doesn't make any sense. What I need
    is a way to assign AD users rights to my linux shares.
    Optionally, probably would be a good thing to be able to log in interactively. I don't have an ldap server running on the linux server. Although I did configure it but I shut it off. I am using ldap as my backend.
    After configuring the Samba client and kerberos client, was able to add the server. Do I need to run an ldap server to share my linux shares?
