Linux winbind troubleshooting
Active directory uses Kerberos to verify user or host identity.
The kinit command can be used to test the Kerberos authentication mechanism
The kinit command obtains and caches Kerberos ticket-granting tickets
Use the kinit commands as follows
active-directory-user should be changed to any Active Directory user account.
If the user exists you should get a password response similiar to the following.
Password for active-directory-user@DOMAIN.LOCAL:
Type the password in and you should get the following response
Authenticated to Kerberos v5
Ticket cache: FILE:/tmp/krb5cc_0 Default principal: active-directory-user@DOMAIN.LOCAL Valid starting Expires Service principal 06/01/11 14:49:30 06/02/11 00:49:35 krbtgt/DOMAIN.LOCAL@DOMAIN.LOCAL renew until 06/02/11 14:49:30 Kerberos 4 ticket cache: /tmp/tkt0 klist: You have no tickets cached
Ping to winbindd succeeded on fd 4
Error looking up domain users
checking the trust secret via RPC calls failed error code was NT_STATUS_DOMAIN_CONTROLLER_NOT_FOUND (0xc0000233) Could not check secret