Two questions:
OS: AIX 7.1 TL5
Installed Centrify DC 2017 Express with adbindproxy 5.4.0
Samba 4.6.4 AIX Opensource Toolkit version
Ran adbindproxy.pl --info
CentrifyDC Version = 5.4.2-668
CentrifyDC Architecture = 64-bit
Samba Version = 4.6.4
Samba Architecture = 32-bit
Samba Version Supported = no
Samba and CDC in same Realm = yes
Samba and CDC share machine account = yes
Password sync using libtdb = false
Question 1: Is the stack above supported for the CDCE?
Zone: Auto Zone
Last password set: 2017-12-12 14:10:40 CST
CentrifyDC mode: connected
Licensed Features: Disabled
The Centrify AD authentication works and has been fine through it all. Problem is the Samba component.
When I initially installed adbindproxy, Samba worked like a charm. Windows desktops were able to browse shares and users were able to read and write to them. After a reboot of the server... never again did the shares become available. Going on 2 days now of adleave's, adjoin's, adbindproxy.pl's, klist, kdestroy's, and smb*'s.
Getting the following errors all over the place.
Error NT_STATUS_CONNECTION_REFUSED
SPNEGO(gse_krb5) NEG_TOKEN_INIT failed: NT_STATUS_NO_MEMORY
session setup failed: NT_STATUS_NO_MEMORY
Windows clients do not list the shares and they prompt for user and password, but no access to the shares.
Question 2: Any ideas, tips, troubleshooting to-do's?
----------------------------------------------------------------------------------------------------------------------------------------
CENTRIFY ADINFO RESULTS
bash-4.3# adinfo --all
Local host name: pan
Joined to domain: pg.local
Joined as: psa.pg.local
Pre-win2K name: psa
Current DC: dc3.pg.local
Preferred site: Co-Lo
Zone: Auto Zone
Last password set: 2017-12-12 14:10:40 CST
CentrifyDC mode: connected
Licensed Features: Disabled
THIS IS THE SAMBA CONF THAT ORIGINALLY WORKED.
bash-4.3# ./testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[samba-test]"
Processing section "[homes]"
Loaded services file OK.
WARNING: lock directory /var/locks should have permissions 0755 for browsing to work
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
# Global parameters
[global]
	enable core files = No
	interfaces = en0 xxx.xxx.xxx.xxx
	netbios name = PSA
	realm = PG.LOCAL
	workgroup = PG
	machine password timeout = 0
	auth methods = guest sam winbind ntdomain
	kerberos method = secrets and keytab
	passdb backend = tdbsam:/var/lib/samba/private/passdb.tdb
	security = ADS
	server signing = if_required
	idmap cache time = 0
	template shell = /bin/bash
	winbind use default domain = Yes
	idmap config * : base_tdb = 0
	idmap config * : range = 1000 - 200000000
	idmap config * : backend = tdb
[samba-test]
	path = /samba-test
	guest ok = Yes
	read only = No
[homes]
	comment = Home directories
	browseable = No
	read only = No
PROCS RUNNING...
bash-4.3# ps -ef | grep freeware
root 3670204 3473978 0 15:06:02 pts/1 0:00 grep freeware
root 4259944 3605114 0 14:10:48 - 0:00 /opt/freeware/sbin/smbd -F
root 2359688 3605114 0 14:10:48 - 0:00 /opt/freeware/sbin/smbd -F
root 3211536 2294382 0 14:10:47 - 0:00 /opt/freeware/sbin/nmbd -F
root 3277096 2425488 0 14:10:48 - 0:00 /opt/freeware/sbin/winbindd -F -s /etc/centrifydc/smb2.conf
root 2425488 2294382 0 14:10:47 - 0:00 /opt/freeware/sbin/winbindd -F -s /etc/centrifydc/smb2.conf
root 3605114 2294382 0 14:10:47 - 0:00 /opt/freeware/sbin/smbd -F
root 2163588 1 0 12:47:49 - 0:00 /opt/freeware/sbin/cupsd -C /etc/cups/cupsd.conf -s /etc/cups/cups-files.conf
root 2884494 3605114 0 14:10:48 - 0:00 /opt/freeware/sbin/smbd -F
bash-4.3# ps -ef | grep adb
root 3670214 3473978 0 15:07:04 pts/1 0:00 grep adb
root 1901228 2294382 0 14:10:47 - 0:00 /usr/share/centrifydc/sbin/adbindd -F