Hi; Please I would like to know which are the corrects values to set into the samba/kerberos configuration to ads protocol works fine. My platform is : Windows server 2008 R2 with AD LDAP is : 187.0.17.104 (CINVW067) Linux server with Samba/Winbind version 3.5.12 + kerberos 1.4 : 187.0.22.177 (CILVS049) When I try to join the AD via ADS protocol I have a error : segmentation fault : # net ads join -S CINVW067 -U administrateur%laposte+1 Segmentation fault The kinit works fine : # kinit administrateur Password for administrateur@xxxxxxxxxxxxxxxxxxxxxxxxx: # klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrateur@xxxxxxxxxxxxxxxxxxxxxxxxx Valid starting Expires Service principal 11/21/11 09:56:18 11/21/11 16:36:18 krbtgt/P9BIS.NEOPLUS.LAPOSTE.POC@xxxxxxxxxxxxxxxxxxxxxxxxx Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached wbinfo -u et wbinfo -g work fine : # wbinfo -u administrateur invité admin_local krbtgt sp-farm sp-serviceapp sp-apppool sql-service sp-usersync My configuration is as follows : hosts file on the linux server : # cat /etc/hosts 127.0.0.1 local.localdomain localhost CILVS049 187.0.22.177 CILVS049.p9bis.neoplus.laposte.poc CILVS049 187.0.17.104 CINVW067.p9bis.neoplus.laposte.poc CINVW067 #cat /etc/samba/smb.conf : [global] dedicated keytab file = /etc/krb5.keytab kerberos method = secrets and keytab security = ads client use spnego = yes realm = P9BIS.NEOPLUS.LAPOSTE.POC server string = CILVS049 workgroup = P9BIS password server = 187.0.17.104.p9bis.neoplus.laposte.poc interfaces = 127.0.0.1 eth0 bind interfaces only = true printing = cups printcap name = cups load printers = yes idmap uid = 10000-20000 idmap gid = 10000-20000 #idmap backend = ad winbind enum users = yes winbind enum groups = yes client use spnego = yes encrypt passwords = yes winbind nested groups = yes winbind separator = / winbind nss info = sfu winbind cache time = 3600 winbind use default domain = yes preferred master = no domain master = no restrict anonymous = 2 log file = /var/log/samba/log.smbd max log size = 50 usershare allow guests = no netbios name = CILVS049 #wins server = 187.0.17.104 #wins proxy = no dns proxy = no socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 #cat /etc/krb5.conf : [libdefaults] default_realm = P9BIS.NEOPLUS.LAPOSTE.POC default_keytab_name = FILE:/etc/krb5.keytab kdc_timesync = 1 ticket_lifetime = 24000 dns_lookup_kdc = true dns_lookup_realm = true forwardable = true fcc-mit-ticketflags = true clockskew = 300 [realms] P9BIS.NEOPLUS.LAPOSTE.POC = { kdc = 187.0.17.104:88 default_domain = p9bis.neoplus.laposte.poc admin_server = 187.0.17.104:749 } [logging] kdc = FILE:/var/log/krb5/krb5kdc.log admin_server = FILE:/var/log/krb5/kadmind.log default = SYSLOG:NOTICE:DAEMON [domain_realm] MONWORKGROUP = P9BIS.NEOPLUS.LAPOSTE.POC .p9bis.neoplus.laposte.poc = P9BIS.NEOPLUS.LAPOSTE.POC [appdefaults] pam = { ticket_lifetime = 1d renew_lifetime = 1d forwardable = true proxiable = false retain_after_close = false minimum_uid = 1 try_first_pass = true } kinit = { forwardable = true proxiable = false renewable = true retain_after_close = false minimum_uid = 1 try_first_pass = true } # cat /etc/resolv.conf nameserver 187.0.17.3 nameserver 187.0.17.4 nameserver 187.0.17.104 search p9bis.neoplus.laposte.poc #cat /etc/nsswitch.conf passwd: files winbind group: files winbind shadow: files winbind hosts: files mdns4_minimal [NOTFOUND=return] dns mdns4 networks: files services: files protocols: files rpc: files ethers: files netmasks: files netgroup: files publickey: files bootparams: files automount: files aliases: files How my configuration Samba/kerberos/winbind fails with ADS ? Regards -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba