I've followed the tutorial at this link https://help.ubuntu.com/community/ActiveDirectoryWinbindHowto
Everything seems to be configured somewhat correctly, net rpc join worked and the realm is listed when entering the command "realm list" but I am still getting an error when trying to net ads join
kinit works and gives me a ticket shown in klist. wbinfo -g gives no output. wbinfo -a user%pass gives:
plaintext password authentication succeeded
challenge/response password authentication failed
Could not authenticate user jball with challenge response
sudo net ads testjoin -S domain.dc.com -U username -d 3 returns a bunch of errors such as failed to resolve _ldap._tcp..... (Success) and Failed to send DNS query (NT_STATUS_UNSUCCESSFUL). It successfully contacts the LDAP server, but ends in an error message saying
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
Join to domain is not valid: LDAP_INVALID_CREDENTIALS
If any more information is needed or if you would like me to post any config files please let me know, I will respond asap. Any help would be greatly appreciated, thanks.
Best Answer
You can try use sssd instead winbind: https://help.ubuntu.com/lts/serverguide/sssd-ad.html. Winbind as samba-technicall newsgroup suggests is now under heavy development so there will be radical changes in the future, main reason of that is to allow interdomain trusts. Please read this carefully: http://rhelblog.redhat.com/2015/04/02/sssd-vs-winbind/