[Freeipa-users] Freeipa-users Digest, Vol 98, Issue 84

[Alexander Bokovoy]

On to, 29 syys 2016, Sébastien Julliot wrote:
>Hello everyone,
>
>
>I am trying to integrate a samba server over my freeipa install. For the
>moment, basics first,
>
>the samba server is on the same machine as freeipa (which fqdn is
>"freeipa2.ljll.math.upmc.fr").
>
>Yet I am unable to make it work correctly following the official howto
><http://www.freeipa.org/page/Howto/Integrating_a_Samba_File_Server_With_IPA>.
>
>/I must precise that I am running on an Ubuntu 16.04 server./
>
>Here are the steps :
>
>0) ipa-adtrust-install
>
>    -> everything correct
No, it is not.

Read this:
https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1552249

All your errors are due to mix of Heimdal and MIT Kerberos libraries in
the same process namespace.


There is no solution for Ubuntu atm.
>
>1) installing required packages
>
>    -> needed to change the names to "apt-get install freeipa-client libwbclient-sssd samba samba-client" but worked fine
>
>2) |ipa-client-install --mkhomedir|
>
>    -> as we are on the same server, ipa-client is already installed
>
>3) |ipa service-add cifs/freeipa2.ljll.math.upmc.fr|
>
>||
>
>    -> seems to be working fine, yet not doing it gives the exact same results later ..
>
>4) |ipa-getkeytab -s freeipa2.ljll.math.upmc.fr -p
>cifs/freeipa2.ljll.math.upmc.fr -k /etc/samba/samba.keytab|
>
>|    -> OK|
>
>|5) Editing /etc/samba/smb.conf|
>
>|6) enabling samba /home sharing -> no selinux here so nothing to do 7)
>restart samba -> OK |
>
>||||After getting a kerberos ticket, `|smbclient -k -L
>freeipa2.ljll.math.upmc.fr` gives :
>
>|
>
>||krb5_init_context failed (invalid argument)
>
>smb_krb5_context_init_basic failed (invalid argument)
>
>Failed to initialize kerberos context! (invalid argument)
>
>session setup failed: NT_STATUS_NO_MEMORY
>
>
>
>Editing /etc/samba/smb.conf to comment the `security = ads` line makes
>it more verbose:
>
>krb5_init_context failed (Argument invalide)
>
>smb_krb5_context_init_basic failed (Argument invalide)
>
>Domain=[LJLL] OS=[Windows 6.1] Server=[Samba 4.3.11-Ubuntu]
>
>    Sharename       Type      Comment
>
>    ---------       ----      -------
>
>krb5_init_context failed (Argument invalide)
>
>smb_krb5_context_init_basic failed (Argument invalide)
>
>    print$          Disk      Printer Drivers
>
>    shared          Disk
>
>    IPC$            IPC       IPC Service (freeipa2 server (Samba, Ubuntu))
>
>krb5_init_context failed (Argument invalide)
>
>smb_krb5_context_init_basic failed (Argument invalide)
>
>Domain=[LJLL] OS=[Windows 6.1] Server=[Samba 4.3.11-Ubuntu]
>
>    Server               Comment
>
>    ---------            -------
>
>    FREEIPA2             freeipa2 server (Samba, Ubuntu)
>
>    Workgroup            Master
>
>    ---------            -------
>
>    LJLL
>
>
>Does anyone have ideas how to solve this ?
>
>Many thanks in advance,
>Sebastien.

>-- 
>Manage your subscription for the Freeipa-users mailing list:
>https://www.redhat.com/mailman/listinfo/freeipa-users
>Go to http://freeipa.org for more info on the project


-- 
/ Alexander Bokovoy