Created attachment 18617 [details] Config file Problem Description: Our system requires LDAP TLS/SASL channel binding support. To achieve this, we upgraded Samba to version 4.22. The installation and configuration were completed successfully, and we were able to join the Active Directory (AD) server without issues. However, we encountered an error when attempting to create a Kerberos ticket using Samba via the net ads kerberos kinit command. Notably, when using the kinit command from the Kerberos package, the ticket is created successfully. The issue appears to be specific to Samba's net ads functionality. Steps to Reproduce: Join the domain successfully using net ads join. Run sudo net ads kerberos kinit -P. Expected Behavior: You expect the command to obtain a Kerberos ticket without errors. Actual Behavior: The command returns: failed to kinit password: NT_STATUS_INTERNAL_ERROR Environment Details: Samba Version: 4.22 OS: Ubuntu 24.04 Kerberos Version: 1.21.3
This is most likely the same issue resolved with #15840, can you verify? Unfortunately you now need to set KRB5CCNAME prior to calling net in that way. *** This bug has been marked as a duplicate of bug 15840 ***