As I mentioned before, I have a CentOS 6.3 system using SSSD (only) bound to the (separate) samba4 DC as an LDAP/krb5 server. Client is using Samba 3.5.10.
I have successfully joined the client to the domain. Keytab is fine, kerberos works, ldapsearch works, etc. DNS is good. The machine entry in the DC database looks fine, and the userPrincipleName is correct. However, any attempt to look up a user (eg with getent, id, ssh login, etc) fails and leaves this evidence of a failed SASL bind in the client's sssd log:
(Thu Aug 16 13:58:37 2012) [sssd[be[SAMBA4]]] [sasl_bind_send] (0x0100): Executing sasl bind mech: GSSAPI, user: host/gulp.icse.cornell.edu@xxxxxxxxxxxxxxxxxxxxxx (Thu Aug 16 13:58:38 2012) [sssd[be[SAMBA4]]] [sasl_bind_send] (0x0020): ldap_sasl_bind failed (53)[Server is unwilling to perform]and from the samba log on the DC, it looks as if everything proceeds OK until the connection is suddenly dropped. I don't see what the reason
for this is; a level 10 log is at: http://www.cbe.cornell.edu/~smt/samba4.log (the DC is s6a.titan.test.cornell.edu, and the client is gulp.icse.cornell.edu, on the same LAN segment. The kerberos realm is TITAN.TEST.CORNELL.EDU).I'd appreciate it if someone could take a look at this debug log and try to pinpoint the cause, because I surely can't see it. TIA!
Steve -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Linux] [Info Cyrus] [LARTC] [Bugtraq] [Netfilter] [Internet Dating Forums] [RAID] [Yosemite News] [Photography]