Samba 3 unable to join as ADS domain member
Rajesh kanna
tr_rajeshkanna at yahoo.com
Tue Jan 9 13:26:34 UTC 2007
Hi All,
I am trying to bind my linux box ( RHEL 3 U6 ) to an win2003 ADS domain. I get the following error message.
#net ads join -UAdministrator
Administrator's passwd :
utils/net_ads.c:ads_startup(289)
ads_connect: No credentials found with support encrypted types
The following is what i tried
kinit administrator at MYDOMAIN.COM
it gives me the prompt with no error
#wbinfo -g
BUILTIN+administrators
BUILTIN+users
#wbinfo -u
Error looking up domain users
#net ads info
LDAP server : ADSSERVER
ldap server name : ADSSERVER.MYDOMAIN.COM
REALM : MYDOMAIN.COM
Bind path : dc=mydomain,dc=com
ldap port = 389
kdc server : ADS server
The following is the config
/etc/nsswitch.conf
passwd: files winbind
shadow: files winbind
group: files winbind
#hosts: db files nisplus nis dns
hosts: files dns winbind
/etc/samba/smb.conf
[global]
workgroup = ADSSERVER
password server = ADSSERVER
realm = MYDOMAIN.COM
security = ADS
template shell = /bin/bash
winbind separator = +
idmap uid = 500-10000000
idmap gid = 500-10000000
winbind use default domain = yes
winbind nested groups = yes
/etc/krb5.conf
[libdefaults]
ticket_lifetime = 24000
default_realm = MYDOMAIN.COM
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
MYDOMAIN.COM = {
kdc = ADSSERVER IP
default_domain = MYDOMAIN.COM
}
[domain_realm]
.mydomain..com = MYDOMAIN.COM
mydomain.com = MYDOMAIN.COM
Thanks and Regards,
Rajeshkanna
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
More information about the redhat-list
mailing list