I am running into the following error when attempting to join a domain:
root@sparky:/usr/local/samba# ./bin/net ads join -U administrator
administrator's password:
[2005/09/24 11:22:41, 0] utils/net_ads.c:ads_startup(191)
ads_connect: Cannot contact any KDC for requested realm
However, this seems to work:
root@sparky:/usr/local/samba# kinit administrator@BOCA.PRI
Password for administrator@BOCA.PRI:
I have no krb5.conf file. Here's my smb.conf:
[global]
workgroup = BOCA
netbios name = SPARKY
realm = BOCA.PRI
security = ADS
server string = Sparky Data
security = ADS
allow trusted domains = no
idmap backend = idmap_rid:BOCA=500-100000000
idmap uid = 500-100000000
idmap gid = 500-100000000
template shell = /bin/bash
winbind use default domain = yes
winbind enum users = no
winbind enum groups = no
winbind nested groups = yes
I am using the latest Samba, MIT Kerberos and Openldap ( along with the
latest Berkeley DB ). My network config is as follows:
My main network is 192.168.1.0/24 ( with the DC living at 192.168.1.11
). This machine in question lives at 192.168.3.1, a remote site linked
via openvpn. DNS records are set correctly, in fact this machine is set
to use 192.168.1.11 as it's DNS server. I can ping boca.pri and it
resolves to the dc. kinit works when I enter in the correct username
and password combo ( ie: kinit administrator@BOCA.PRI works fine ).
Can anybody give me any other ideas to try?
Sean
