Samba 3 unable to join as ADS domain member

Michael Wu mwu at mail2.tercel.com.tw
Wed Jan 10 09:20:06 UTC 2007


Hi Rajesh,

Please change the Administrator's password ( the new password can be the
same as the old one ) to see if the problem can be fixed ?

Good luck.

Michael

> 主旨:
> Samba 3 unable to join as ADS domain member
> 寄件者:
> Rajesh kanna <tr_rajeshkanna at yahoo.com>
> 日期:
> Tue, 9 Jan 2007 05:26:34 -0800 (PST)
> 收件者(To):
> redhat-list at redhat.com
>
> 收件者(To):
> redhat-list at redhat.com
>
>
>Hi All,
>
>   I am trying to bind my linux box ( RHEL 3 U6 ) to an win2003 ADS domain. I get the following error message.
>
> #net ads join -UAdministrator
>Administrator's passwd :
>
>utils/net_ads.c:ads_startup(289)
>ads_connect: No credentials found with support encrypted types
>
>The following is what i tried
>
>kinit administrator at MYDOMAIN.COM
>
>it gives me the prompt with no error 
>
>#wbinfo -g 
>BUILTIN+administrators
>BUILTIN+users
>
>#wbinfo -u
>Error looking up domain users
>
>#net ads info
>LDAP server :  ADSSERVER
>
>ldap server name : ADSSERVER.MYDOMAIN.COM
>
>REALM : MYDOMAIN.COM
>
>Bind path : dc=mydomain,dc=com
>
>ldap port = 389
>
>kdc server : ADS server
>
>The following is the config
>
>/etc/nsswitch.conf
>
>passwd:      files winbind
>shadow:      files winbind
>group:       files winbind
>#hosts:     db files nisplus nis dns
>hosts:      files dns winbind
>
>/etc/samba/smb.conf
>
>[global]
>        workgroup  =   ADSSERVER
>        password server = ADSSERVER
>        realm        = MYDOMAIN.COM
>        security     =  ADS
>        template shell = /bin/bash
>        winbind separator = +
>        idmap uid = 500-10000000
>        idmap gid = 500-10000000
>        winbind use default domain = yes
>        winbind nested groups = yes
>
> /etc/krb5.conf
>
>[libdefaults]
> ticket_lifetime = 24000
> default_realm = MYDOMAIN.COM
> dns_lookup_realm = false
> dns_lookup_kdc = false
>[realms]
> MYDOMAIN.COM = {
>  kdc = ADSSERVER IP
>  default_domain = MYDOMAIN.COM
> }
>[domain_realm]
> .mydomain..com = MYDOMAIN.COM
> mydomain.com =   MYDOMAIN.COM
>
>
>Thanks and Regards,
>Rajeshkanna
>
>__________________________________________________
>Do You Yahoo!?
>Tired of spam?  Yahoo! Mail has the best spam protection around 
>http://mail.yahoo.com 
>  
>



More information about the redhat-list mailing list