Hi, I'm presently testing to upgrade from 3.0.22 to 3.0.25 and have an ads problem. net -d 10 -s /etc/samba/smb.conf ads join 3.0.25: ======[2007/07/18 12:03:11, 4] libsmb/namequery_dc.c:ads_dc_name(131) ads_dc_name: using server='ADS-2K3.ADS2K3.Q-LEAP.DE' IP=192.168.53.212 [...] [2007/07/18 12:03:11, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 192.168.53.212 [2007/07/18 12:03:11, 2] libads/ldap.c:ldap_open_with_timeout(70) Could not open LDAP connection to ".ads2k3.q-leap.de:389: No such file or directory 3.0.22 =====[2007/07/18 12:04:27, 4] libsmb/namequery.c:get_dc_list(1406) get_dc_list: returning 1 ip addresses in an ordered list [2007/07/18 12:04:27, 4] libsmb/namequery.c:get_dc_list(1407) get_dc_list: 192.168.53.212:389 [2007/07/18 12:04:27, 5] libads/ldap.c:ads_try_connect(126) ads_try_connect: trying ldap server '192.168.53.212' port 389 [2007/07/18 12:04:27, 3] libads/ldap.c:ads_connect(288) Connected to LDAP server 192.168.53.212 [2007/07/18 12:04:27, 3] libads/ldap.c:ads_server_info(2542) got ldap server name ads-2k3@ADS2K3.Q-LEAP.DE, using bind path: dc=ADS2K3,dc=Q-LEAP,dc=DE Well, I have absolutely no idea were it takes "ads-2k3" from, does it get it itself from from the ads server? Its not in the smb.conf, not in the krb5.conf, simply nowhere configured. Anyway, in samba-3.0.25 it seems to try to interprete ads-2k3 as part of the domain name and not as username, which I guess is the main problem. Any idea whats wrong? Thanks in advance, Bernd -- Bernd Schubert Q-Leap Networks GmbH
On Wednesday 18 July 2007 12:12:26 Bernd Schubert wrote:> Hi, > > I'm presently testing to upgrade from 3.0.22 to 3.0.25 and have an ads > problem. > > net -d 10 -s /etc/samba/smb.conf ads join > > 3.0.25: > ======> [2007/07/18 12:03:11, 4] libsmb/namequery_dc.c:ads_dc_name(131) > ads_dc_name: using server='ADS-2K3.ADS2K3.Q-LEAP.DE' IP=192.168.53.212 > [...] > > [2007/07/18 12:03:11, 3] libads/ldap.c:ads_connect(394) > Connected to LDAP server 192.168.53.212 > [2007/07/18 12:03:11, 2] libads/ldap.c:ldap_open_with_timeout(70) > Could not open LDAP connection to ".ads2k3.q-leap.de:389: No such file or > directorySorry, that was supposed to be [2007/07/18 12:12:07, 2] libads/ldap.c:ldap_open_with_timeout(70) Could not open LDAP connection to ads-2k3.ads2k3.q-leap.de:389: No such file or directory -- Bernd Schubert Q-Leap Networks GmbH
Volker Lendecke
2007-Jul-19 06:22 UTC
[Samba] Re: [3.0.25] bug: net ignors kerberos tickets
On Thu, Jul 19, 2007 at 01:50:50AM +0200, Bernd Schubert wrote:> > Seems to be a bug in samba, I think it always asks for a password ignoring > > already available kerberos tickets. > > Attached is a first patch.No patch attached. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.samba.org/archive/samba/attachments/20070719/fc6c9f52/attachment.bin
On Thursday 19 July 2007 08:31:32 Warren Beldad wrote:> its because you did not provide the username thats why it connects using > root.. > you can specify the username using the -U option and add the password > directly using.. > > net ads join -Uusername%passwordNo, it doesn't try to connect as root, but as host-ha-test-1, I still do not understand whats the magic behind that, but I guess it gets this name from the ads server. See the patch in the other mail which gets its working, or here is the link http://www.pci.uni-heidelberg.de/tc/usr/bernd/downloads/samba/net.patch Cheers, Bernd -- Bernd Schubert Q-Leap Networks GmbH