So I ended up doing a net ads leave which removed the machine account from Active directory. Now I am trying to re-add it, but it seems to still be hanging around in Kerberos ... root at workhorse:/etc# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: administrator at DACRIB.LOCAL Valid starting Expires Service principal 04/24/10 17:25:50 04/25/10 03:25:55 krbtgt/DACRIB.LOCAL at DACRIB.LOCAL renew until 04/25/10 17:25:50 root at workhorse:/etc# net ads testjoin -Uadministrator%password Enter WORKHORSE$@DACRIB.LOCAL's password: [2010/04/24 17:30:45, 0] libads/kerberos.c:332(ads_kinit_password) kerberos_kinit_password WORKHORSE$@DACRIB.LOCAL failed: Client not found in Kerberos database Join to domain is not valid: Improperly formed account name WORKHORSE is the server I am trying to add. I dunno why it is trying to use that password, rather than the administrator password. So now I am more lost than ever. :-) Why is it wanting to use the machine name, to join? Where to go now?
Well, after much gnashing of teeth, and rough words, I was finally able to get it to work. I have successfully re-joined it to the domain. turgon at workhorse:~$ wbinfo -t checking the trust secret via RPC calls succeeded turgon at workhorse:~$ sudo net ads testjoin Join is OK and checking from another Linux machine running Samba is able to list and connect to shares: turgon at turgon-laptop:~/.gnupg$ smbclient -L workhorse Enter turgon's password: Domain=[DACRIB] OS=[Unix] Server=[Samba 3.4.0] Sharename Type Comment --------- ---- ------- print$ Disk Printer Drivers OldHome Disk The Old Home Folder Photos Disk IPC$ IPC IPC Service (workhorse server (Samba 3.4.0, Domain: DACRIB, Server: workhorse - NT1)) Domain=[DACRIB] OS=[Unix] Server=[Samba 3.4.0] Server Comment --------- ------- WORKHORSE workhorse server (Samba 3.4.0, Domain: , Server: Workgroup Master --------- ------- DACRIB So I'm working now. Hopefully, I won't break it again. :-) Thanks
Possibly Parallel Threads
- Still can't mount Samba shares from other Samba server
- Can join AD 2003 domain; can't list shares from other servers
- wbinfo -a fails plaintext auth; passes challenge/response
- Problems using multiple Samba servers in a Win2003 AD domain
- smbclient -k works; mount -t cifs does not