kerberos works fine for "net ads" functions but not for "net rpc". root@mips5-01-xdc:~# net --version Version 3.6.6 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@mips5-01-xdc:~# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: na-xuserx@DOMAIN.ORG.AU Valid starting Expires Service principal 30/05/13 08:39:09 30/05/13 18:39:11 krbtgt/DOMAIN.ORG.AU@DOMAIN.ORG.AU renew until 31/05/13 08:39:09 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@mips5-01-xdc:~# net ads info LDAP server: 192.168.92.92 LDAP server name: ADX.DOMAIN.ORG.AU Realm: DOMAIN.ORG.AU Bind Path: dc=DOMAIN,dc=ORG,dc=AU LDAP port: 389 Server time: Thu, 30 May 2013 08:49:07 EST KDC server: 192.168.92.92 Server time offset: 0 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@mips5-01-xdc:~# net -d2 -k -S DOMAIN.ORG.AU rpc group addmem acl_stacc_nci_mips5_con xuserx rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384) WARNING: The "idmap backend" option is deprecated WARNING: The "idmap uid" option is deprecated WARNING: The "idmap gid" option is deprecated added interface eth0 ip=192.168.243.64 bcast=192.168.247.255 netmask=255.255.248.0 Registered MSG_REQ_POOL_USAGE Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED Doing kerberos session setup ads_krb5_mk_req: smb_krb5_get_credentials failed for cifs/DOMAIN.ORG.AU@DOMAIN.ORG.AU (Server not found in Kerberos database) cli_session_setup_kerberos: spnego_gen_krb5_negTokenInit failed: Server not found in Kerberos database failed session setup with NT_STATUS_UNSUCCESSFUL Could not connect to server DOMAIN.ORG.AU Connection failed: NT_STATUS_UNSUCCESSFUL failed to make ipc connection: NT_STATUS_UNSUCCESSFUL return code = -1 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@mips5-01-xdc:~# cat /var/run/samba/smb_krb5/krb5.conf.DOMAIN [libdefaults] default_realm = DOMAIN.ORG.AU default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 [realms] DOMAIN.ORG.AU = { kdc = 192.168.92.92 } +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ root@mips5-01-xdc:~# cat /etc/krb5.conf [libdefaults] default_realm = DOMAIN.ORG.AU default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5 [realms] DOMAIN.ORG.AU = { kdc = 192.168.92.92 }