in versions after 3.0.24 joining AD domain with ads security failed # net ads join -U adminuser adminuser's password: [2007/08/07 15:05:53, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password adminuser@USR.NW.PWD.RU failed: Preauthentication failed Failed to join domain: Logon failure The same configuration samba 3.0.24 works fine.. DETAILS: SPARC Solaris 10 heimdal kerberos 1.0 [libdefaults] default_realm = USR.NW.PWD.RU dns_lookup_realm = false dns_lookup_kdc = false default_tkt_enctypes = des-cbc-md5 des-cbc-crc default_tgs_enctypes = des-cbc-md5 des-cbc-crc verify_ap_req_nofail = false [realms] USR.NW.PWD.RU = { kdc = dcpsk1.usr.nw.PWD.ru:88 kdc = dcpsk2.usr.nw.PWD.ru:88 admin_server = dcpsk1.usr.nw.PWD.ru:749 kpasswd_server = dcpsk1.usr.nw.PWD.ru:464 kpasswd_protocol = SET_CHANGE default_domain = pskov.PWD.ru } [domain_realm] usr.nw.PWD.ru = USR.NW.PWD.RU .usr.nw.PWD.ru = USR.NW.PWD.RU pskov.PWD.ru = USR.NW.PWD.RU .pskov.PWD.ru = USR.NW.PWD.RU [logging] default = FILE:/var/krb5/kdc.log kdc = FILE:/var/krb5/kdc.log kdc_rotate = { # How often to rotate kdc.log. Logs will get rotated no more # often than the period, and less often if the KDC is not used # frequently. period = 1d # how many versions of kdc.log to keep around (kdc.log.0, kdc.log.1, ...) versions = 10 } [appdefaults] kinit = { renewable = true forwardable= true } # kinit adminuser adminuser@USR.NW.PWD.RU's Password: # klist Credentials cache: FILE:/tmp/krb5cc_0 Principal: adminuser@USR.NW.PWD.RU Issued Expires Principal Aug 7 15:01:01 Aug 8 01:01:01 krbtgt/USR.NW.PWD.RU@USR.NW.PWD.RU samba configuration: CONFIGURE_ARGS=--enable-pie \ --localstatedir=/var \ --with-privatedir=/var/samba \ --with-lockdir=/var/samba \ --with-piddir=/var/run \ --with-configdir=${PREFIX}/etc/samba \ --with-logfilebase=/var/log/samba \ --with-readline --with-libiconv \ --with-ldap --with-ads --with-krb5 \ --with-pam --with-pam_smbpass \ --with-quotas --without-utmp \ --with-libmsrpc --with-libsmbclient \ --with-libsmbsharemodes \ --with-acl-support --with-aio-support \ --with-sendfile-support --with-winbind \ --without-python \ --with-shared-modules=idmap_rid,idmap_ad \ --with-libdir=${PREFIX}/lib/samba/sparcv9 \ --with-pammodulesdir=${PREFIX}/lib/security/sparcv9 \ --enable-cups --enable-iprint smb.conf [global] # unix shell template homedir = /export/home/%U template shell = /bin/sh winbind nested groups = yes log level = 3 # charset dos charset = 866 unix charset = CP1251 display charset = CP1251 security = ads password server = 10.7.5.20 10.7.5.25 realm = USR.NW.PWD.RU workgroup = USR client use spnego = yes server string = os level = 10 domain master = no preferred master = no domain logons = no ntlm auth = no lanman auth = no client NTLMv2 auth = yes wins support = no wins proxy = no winbind enum groups = yes winbind enum users = yes winbind cache time = 3600 winbind use default domain = Yes winbind nested groups = yes allow trusted domains = No idmap uid = 2000-100000000 idmap gid = 2000-100000000 idmap backend = rid:"USR=2000-100000000" nt acl support = yes # log log file = /var/log/samba/%m.log max log size = 50 socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY use sendfile = Yes null passwords = Yes #lock spin count = 100 deadtime = 60 # printing printing = cups printcap name = cups #use client driver = no load printers = yes # net ads join -U adminuser adminuser's password: [2007/08/07 15:05:53, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password adminuser@USR.NW.PWD.RU failed: Preauthentication failed Failed to join domain: Logon failure # net -d 10 ads join -U adminuser [2007/08/07 15:06:22, 5] lib/debug.c:debug_dump_status(391) INFO: Current debug levels: all: True/10 tdb: False/0 printdrivers: False/0 lanman: False/0 smb: False/0 rpc_parse: False/0 rpc_srv: False/0 rpc_cli: False/0 passdb: False/0 sam: False/0 auth: False/0 winbind: False/0 vfs: False/0 idmap: False/0 quota: False/0 acls: False/0 locking: False/0 msdfs: False/0 dmapi: False/0 [2007/08/07 15:06:22, 3] param/loadparm.c:lp_load(5024) lp_load: refreshing parameters [2007/08/07 15:06:22, 3] param/loadparm.c:init_globals(1424) Initialising global parameters [2007/08/07 15:06:22, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/usr/local/etc/samba/smb.conf" [2007/08/07 15:06:22, 3] param/loadparm.c:do_section(3763) Processing section "[global]" doing parameter preload modules = /usr/local/lib/samba/idmap/rid.so doing parameter template homedir = /export/home/%U doing parameter template shell = /bin/sh doing parameter winbind nested groups = yes doing parameter log level = 3 doing parameter dos charset = 866 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2LE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2LE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16LE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16LE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS-2BE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS-2BE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-16BE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-16BE [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF8 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF8 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UTF-8 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UTF-8 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ASCII [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset ASCII [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset 646 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset 646 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset ISO-8859-1 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset ISO-8859-1 [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(105) Attempting to register new charset UCS2-HEX [2007/08/07 15:06:22, 5] lib/iconv.c:smb_register_charset(113) Registered charset UCS2-HEX [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE doing parameter unix charset = CP1251 [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE [2007/08/07 15:06:22, 5] lib/charcnv.c:charset_name(82) Substituting charset 'KOI8-R' for LOCALE doing parameter display charset = CP1251 doing parameter security = ads doing parameter password server = 10.7.5.20 10.7.5.25 doing parameter realm = USR.NW.PWD.RU doing parameter workgroup = USR doing parameter client use spnego = yes doing parameter server string = doing parameter os level = 10 doing parameter domain master = no doing parameter preferred master = no doing parameter domain logons = no doing parameter ntlm auth = no doing parameter lanman auth = no doing parameter client NTLMv2 auth = yes doing parameter wins support = no doing parameter wins proxy = no doing parameter winbind enum groups = yes doing parameter winbind enum users = yes doing parameter winbind cache time = 3600 doing parameter winbind use default domain = Yes doing parameter winbind nested groups = yes doing parameter allow trusted domains = No doing parameter idmap uid = 2000-100000000 doing parameter idmap gid = 2000-100000000 doing parameter idmap backend = rid:"USR=2000-100000000" doing parameter nt acl support = yes doing parameter log file = /var/log/samba/%m.log doing parameter max log size = 50 doing parameter socket options = TCP_NODELAY SO_SNDBUF=65536 SO_RCVBUF=65536 IPTOS_LOWDELAY doing parameter use sendfile = Yes doing parameter null passwords = Yes doing parameter deadtime = 60 doing parameter printing = cups doing parameter printcap name = cups doing parameter load printers = yes [2007/08/07 15:06:22, 4] param/loadparm.c:lp_load(5055) pm_process() returned Yes [2007/08/07 15:06:22, 7] param/loadparm.c:lp_servicenumber(5193) lp_servicenumber: couldn't find homes [2007/08/07 15:06:22, 10] param/loadparm.c:set_server_role(4299) set_server_role: role = ROLE_DOMAIN_MEMBER [2007/08/07 15:06:22, 5] lib/util.c:init_names(287) Netbios name list:- my_netbios_names[0]="PENELOPAOLD" [2007/08/07 15:06:22, 2] lib/interface.c:add_interface(81) added interface ip=10.7.5.2 bcast=10.7.5.255 nmask=255.255.255.0 [2007/08/07 15:06:22, 5] lib/gencache.c:gencache_init(61) Opening cache file at /var/samba/gencache.tdb [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 4] libsmb/namequery_dc.c:ads_dc_name(73) ads_dc_name: domain=USR [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 6] libads/ldap.c:ads_find_dc(294) ads_find_dc: looking for realm 'USR.NW.PWD.RU' [2007/08/07 15:06:22, 8] libsmb/namequery.c:get_sorted_dc_list(1626) get_sorted_dc_list: attempting lookup for name USR.NW.PWD.RU (sitename Pskov) using [ads] [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = SAF/DOMAIN/USR.NW.PWD.RU, value = 10.7.5.20, timeout = Tue Aug 7 15:20:53 2007 [2007/08/07 15:06:22, 5] libsmb/namequery.c:saf_fetch(136) saf_fetch: Returning "10.7.5.20" for "USR.NW.PWD.RU" domain [2007/08/07 15:06:22, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.7.5.20, 10.7.5.20 10.7.5.25" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] libsmb/namequery.c:remove_duplicate_addrs2(435) remove_duplicate_addrs2: looking for duplicate address/port pairs [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1599) get_dc_list: returning 2 ip addresses in an ordered list [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1600) get_dc_list: 10.7.5.20:389 10.7.5.25:389 [2007/08/07 15:06:22, 5] libads/ldap.c:ads_try_connect(180) ads_try_connect: sending CLDAP request to 10.7.5.20 (realm: USR.NW.PWD.RU) [2007/08/07 15:06:22, 10] libads/dns.c:sitename_store(640) sitename_store: realm = [USR.NW.PWD.RU], sitename = [Pskov], expire = [4294967295] [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_set(140) Adding cache entry with key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU; value = Pskov and timeout = (NULL) (-1186484783 seconds ahead) [2007/08/07 15:06:22, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.7.5.20 [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] libads/ldap.c:ads_closest_dc(149) ads_closest_dc: ADS_CLOSEST flag set [2007/08/07 15:06:22, 10] libads/kerberos.c:create_local_private_krb5_conf_for_domain(612) create_local_private_krb5_conf_for_domain: fname = /var/samba/smb_krb5/krb5.conf.USR, realm = USR.NW.PWD.RU, domain = USR [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = SAF/DOMAIN/USR.NW.PWD.RU, value = 10.7.5.20, timeout = Tue Aug 7 15:20:53 2007 [2007/08/07 15:06:22, 5] libsmb/namequery.c:saf_fetch(136) saf_fetch: Returning "10.7.5.20" for "USR.NW.PWD.RU" domain [2007/08/07 15:06:22, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.7.5.20, 10.7.5.20 10.7.5.25" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] libsmb/namequery.c:remove_duplicate_addrs2(435) remove_duplicate_addrs2: looking for duplicate address/port pairs [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1599) get_dc_list: returning 2 ip addresses in an ordered list [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1600) get_dc_list: 10.7.5.20:389 10.7.5.25:389 [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = SAF/DOMAIN/USR.NW.PWD.RU, value = 10.7.5.20, timeout = Tue Aug 7 15:20:53 2007 [2007/08/07 15:06:22, 5] libsmb/namequery.c:saf_fetch(136) saf_fetch: Returning "10.7.5.20" for "USR.NW.PWD.RU" domain [2007/08/07 15:06:22, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.7.5.20, 10.7.5.20 10.7.5.25" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:22, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:22, 10] libsmb/namequery.c:remove_duplicate_addrs2(435) remove_duplicate_addrs2: looking for duplicate address/port pairs [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1599) get_dc_list: returning 2 ip addresses in an ordered list [2007/08/07 15:06:22, 4] libsmb/namequery.c:get_dc_list(1600) get_dc_list: 10.7.5.20:389 10.7.5.25:389 [2007/08/07 15:06:22, 10] libads/kerberos.c:get_kdc_ip_string(563) get_kdc_ip_string: Returning kdc = 10.7.5.20 kdc = 10.7.5.25 kdc = 10.7.5.25 [2007/08/07 15:06:22, 5] libads/kerberos.c:create_local_private_krb5_conf_for_domain(681) create_local_private_krb5_conf_for_domain: wrote file /var/samba/smb_krb5/krb5.conf.USR with realm USR.NW.PWD.RU KDC = 10.7.5.20 [2007/08/07 15:06:22, 4] libsmb/namequery_dc.c:ads_dc_name(131) ads_dc_name: using server='DCPSK1.USR.NW.PWD.RU' IP=10.7.5.20 adminuser's password: [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:25, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:25, 6] libads/ldap.c:ads_find_dc(294) ads_find_dc: looking for realm 'USR.NW.PWD.RU' [2007/08/07 15:06:25, 8] libsmb/namequery.c:get_sorted_dc_list(1626) get_sorted_dc_list: attempting lookup for name USR.NW.PWD.RU (sitename Pskov) using [ads] [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = SAF/DOMAIN/USR.NW.PWD.RU, value = 10.7.5.20, timeout = Tue Aug 7 15:20:53 2007 [2007/08/07 15:06:25, 5] libsmb/namequery.c:saf_fetch(136) saf_fetch: Returning "10.7.5.20" for "USR.NW.PWD.RU" domain [2007/08/07 15:06:25, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.7.5.20, 10.7.5.20 10.7.5.25" [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:25, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:25, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_get(226) Returning valid cache entry: key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU, value = Pskov, timeout = Sun Feb 7 09:28:15 2106 [2007/08/07 15:06:25, 5] libads/dns.c:sitename_fetch(679) sitename_fetch: Returning sitename for USR.NW.PWD.RU: "Pskov" [2007/08/07 15:06:25, 10] libsmb/namequery.c:remove_duplicate_addrs2(435) remove_duplicate_addrs2: looking for duplicate address/port pairs [2007/08/07 15:06:25, 4] libsmb/namequery.c:get_dc_list(1599) get_dc_list: returning 2 ip addresses in an ordered list [2007/08/07 15:06:25, 4] libsmb/namequery.c:get_dc_list(1600) get_dc_list: 10.7.5.20:389 10.7.5.25:389 [2007/08/07 15:06:25, 5] libads/ldap.c:ads_try_connect(180) ads_try_connect: sending CLDAP request to 10.7.5.20 (realm: USR.NW.PWD.RU) [2007/08/07 15:06:25, 10] libads/dns.c:sitename_store(640) sitename_store: realm = [USR.NW.PWD.RU], sitename = [Pskov], expire = [4294967295] [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_set(140) Adding cache entry with key = AD_SITENAME/DOMAIN/USR.NW.PWD.RU; value = Pskov and timeout = (NULL) (-1186484786 seconds ahead) [2007/08/07 15:06:25, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.7.5.20 [2007/08/07 15:06:25, 10] libads/ldap.c:ads_closest_dc(149) ads_closest_dc: ADS_CLOSEST flag set [2007/08/07 15:06:25, 10] libsmb/namequery.c:saf_store(74) saf_store: domain = [USR], server = [10.7.5.20], expire = [1186485685] [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_set(140) Adding cache entry with key = SAF/DOMAIN/USR; value = 10.7.5.20 and timeout = Tue Aug 7 15:21:25 2007 (900 seconds ahead) [2007/08/07 15:06:25, 10] libsmb/namequery.c:saf_store(74) saf_store: domain = [USR.NW.PWD.RU], server = [10.7.5.20], expire = [1186485685] [2007/08/07 15:06:25, 10] lib/gencache.c:gencache_set(140) Adding cache entry with key = SAF/DOMAIN/USR.NW.PWD.RU; value = 10.7.5.20 and timeout = Tue Aug 7 15:21:25 2007 (900 seconds ahead) [2007/08/07 15:06:25, 4] libads/ldap.c:ads_current_time(2414) time offset is 0 seconds [2007/08/07 15:06:25, 4] libads/sasl.c:ads_sasl_bind(521) Found SASL mechanism GSS-SPNEGO [2007/08/07 15:06:25, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/08/07 15:06:25, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/08/07 15:06:25, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/08/07 15:06:25, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/08/07 15:06:25, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = dcpsk1$@USR.NW.PWD.RU [2007/08/07 15:06:25, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No such file or directory) [2007/08/07 15:06:25, 10] libads/sasl.c:ads_sasl_spnego_bind(262) ads_sasl_spnego_krb5_bind failed with: No such file or directory, calling kinit [2007/08/07 15:06:25, 10] libads/kerberos.c:kerberos_kinit_password_ext(91) kerberos_kinit_password: using [MEMORY:net_ads] as ccache and config [/var/samba/smb_krb5/krb5.conf.USR] [2007/08/07 15:06:25, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password adminuser@USR.NW.PWD.RU failed: Preauthentication failed [2007/08/07 15:06:25, 1] utils/net_ads.c:net_ads_join(1470) error on ads_startup: Preauthentication failed Failed to join domain: Logon failure [2007/08/07 15:06:25, 2] utils/net.c:main(1032) return code = -1
*** This bug has been marked as a duplicate of 4863 ***