samba - Sep 2008 - net ads join failed

Hi,

I am trying to join a samba server to my AD directory but if fails:

[root@localhost postfix]# net ads join -U apacci@ACME
apacci@ACNEU's password:
[2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228)
  kerberos_kinit_password apacci@ACME failed: Cannot resolve network address
for KDC in requested realm
Failed to join domain: Undetermined error

[root@localhost postfix]# net ads join -U apacci@EU.ACME.COM
apacci@EU.ACME.COM's password:
Using short domain name -- ACME
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM'
Failed to join domain: Type or value exists

There is no computer account named amsdev-dv10 in my directory.

kinit doesn't return anything
[root@localhost postfix]# kinit apacci
Password for apacci@EU.ACME.COM:

My resolv.conf is ok.I can ping and resolve hosts in my AD. My /etc/host
file is basic:
::1     localhost.localdomain   localhost       amsdev-dv10

The username is domain admin.

My krb5.conf is as follow:

[libdefaults]
 default_realm = EU.ACME.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes

[realms]

EU.ACME.COM = {
        kdc = amsterdam-dc02.eu.acme.com
        kdc = amsterdam-dc01.eu.acme.com
        admin_server = amsterdam-dc02.eu.acme.com
        master_kdc = amsterdam-dc02.eu.acme.com
        default_domain = eu.acme.com
        }

[domain_realm]

 eu.acme.com = EU.ACME.COM
 .eu.acme.com = EU.ACME.COM
 .acme.com = EU.ACME.COM
 acme.com = EU.ACME.COM
[kdc]
        profile = /etc/kdc.conf

smb.conf

[global]

   workgroup = ACME
   password server = 10.130.12.100
   realm = EU.ACME.COM
   security = ADS
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   winbind separator = +
   template shell = /bin/false
   winbind use default domain = true
   winbind offline logon = false


        server string = Samba Server Version %v
        passdb backend = tdbsam
        preferred master = No
        wins server = 10.130.10.100
        ldap ssl = no
        winbind enum users = Yes
        winbind enum groups = Yes

[homes]
        comment = Home Directories
        read only = No
        browseable = No

Apparently something is wrong with my hosts file. I have changed it and now
get a much better result:
[root@amsdev-dv10 ~]# net ads join -U apacci@EU.ACME.COM
apacci@EU.ACME.COM's password:
Using short domain name -- ACME
DNS update failed!
Joined 'AMSDEV-DV10' to realm 'EU.ACME.COM'

What the dns update failed means?


2008/9/4 Thomas Vito <shoktai@gmail.com>
> Hi,
>
> I am trying to join a samba server to my AD directory but if fails:
>
> [root@localhost postfix]# net ads join -U apacci@ACME
> apacci@ACNEU's password:
> [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228)
>   kerberos_kinit_password apacci@ACME failed: Cannot resolve network
> address for KDC in requested realm
> Failed to join domain: Undetermined error
>
> [root@localhost postfix]# net ads join -U apacci@EU.ACME.COM
> apacci@EU.ACME.COM's password:
> Using short domain name -- ACME
> Failed to set servicePrincipalNames. Please ensure that
> the DNS domain of this server matches the AD domain,
> Or rejoin with using Domain Admin credentials.
> Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM'
> Failed to join domain: Type or value exists
>
> There is no computer account named amsdev-dv10 in my directory.
>
> kinit doesn't return anything
> [root@localhost postfix]# kinit apacci
> Password for apacci@EU.ACME.COM:
>
> My resolv.conf is ok.I can ping and resolve hosts in my AD. My /etc/host
> file is basic:
> ::1     localhost.localdomain   localhost       amsdev-dv10
>
> The username is domain admin.
>
> My krb5.conf is as follow:
>
> [libdefaults]
>  default_realm = EU.ACME.COM
>  dns_lookup_realm = false
>  dns_lookup_kdc = false
>  ticket_lifetime = 24h
>  forwardable = yes
>
> [realms]
>
> EU.ACME.COM = {
>         kdc = amsterdam-dc02.eu.acme.com
>         kdc = amsterdam-dc01.eu.acme.com
>         admin_server = amsterdam-dc02.eu.acme.com
>         master_kdc = amsterdam-dc02.eu.acme.com
>         default_domain = eu.acme.com
>         }
>
> [domain_realm]
>
>  eu.acme.com = EU.ACME.COM
>  .eu.acme.com = EU.ACME.COM
>  .acme.com = EU.ACME.COM
>  acme.com = EU.ACME.COM
> [kdc]
>         profile = /etc/kdc.conf
>
> smb.conf
>
> [global]
>
>    workgroup = ACME
>    password server = 10.130.12.100
>    realm = EU.ACME.COM
>    security = ADS
>    idmap uid = 16777216-33554431
>    idmap gid = 16777216-33554431
>    winbind separator = +
>    template shell = /bin/false
>    winbind use default domain = true
>    winbind offline logon = false
>
>
>         server string = Samba Server Version %v
>         passdb backend = tdbsam
>         preferred master = No
>         wins server = 10.130.10.100
>         ldap ssl = no
>         winbind enum users = Yes
>         winbind enum groups = Yes
>
> [homes]
>         comment = Home Directories
>         read only = No
>         browseable = No
>
>
>
>
>