Alexander Skwar
2003-Feb-25 13:54 UTC
[Samba] Problmes joining Samba server to Active Directory
Hi.
I've now been told the name of our Kerberos server for the Active
Directory that I'm trying to join my Samba 3.0 alpha 21 to.
As described on
http://techupdate.zdnet.co.uk/story/0,,t481-s2122363-p2,00.html, I
configured /etc/krb5.conf like this:
[root@ugkbase samba]# cat /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime = 24000
default_realm = EUROPE.DELPHIAUTO.NET
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
EUROPE.DELPHIAUTO.NET = {
kdc = dewup-dc01.europe.delphiauto.net:88
admin_server = dewup-dc01.europe.delphiauto.net:749
default_domain = europe.delphiauto.net
}
[domain_realm]
.europe.delphiauto.net = EUROPE.DELPHIAUTO.NET
europe.delphiauto.net = EUROPE.DELPHIAUTO.NET
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
I was then able to login using "kinit vz6tml@EUROPE.DELPHIAUTO.NET".
But when I try to do "net ads join", I get an error (log level = 9):
[root@ugkbase samba]# /usr/bin/net ads join
[2003/02/25 14:52:34, 5] lib/debug.c:debug_dump_status(358)
INFO: Current debug levels:
all: True/9
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
doing parameter realm = EUROPE.DELPHIAUTO.NET
doing parameter ads server = 130.171.200.151
doing parameter security = ADS
doing parameter encrypt passwords = yes
doing parameter workgroup = europe
doing parameter server string = Samba Server
doing parameter printcap name = /etc/printcap
doing parameter load printers = no
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 50
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter dns proxy = no
[2003/02/25 14:52:34, 4] param/loadparm.c:lp_load(3614)
pm_process() returned Yes
[2003/02/25 14:52:34, 7] param/loadparm.c:lp_servicenumber(3721)
lp_servicenumber: couldn't find homes
[2003/02/25 14:52:34, 5] lib/util.c:init_names(269)
Netbios name list:-
my_netbios_names[0]="UGKBASE"
[2003/02/25 14:52:34, 2] lib/interface.c:add_interface(79)
added interface ip=204.104.207.110 bcast=204.104.207.127
nmask=255.255.255.192
[2003/02/25 14:52:34, 5] libads/ldap.c:ads_try_connect(53)
ads_try_connect: trying ldap server '130.171.200.151' port 389
[2003/02/25 14:52:34, 3] libads/ldap.c:ads_connect(267)
Connected to LDAP server 130.171.200.151
[2003/02/25 14:52:34, 3] libads/ldap.c:ads_server_info(1809)
got ldap server name dewup-dc01@EUROPE.DELPHIAUTO.NET, using bind
path: dc=EUROPE,dc=DELPHIAUTO,dc=NET
[2003/02/25 14:52:34, 4] libads/ldap.c:ads_server_info(1815)
time offset is -164 seconds
[2003/02/25 14:52:34, 4] libads/sasl.c:ads_sasl_bind(407)
Found SASL mechanism GSS-SPNEGO
[2003/02/25 14:52:34, 3] libads/sasl.c:ads_sasl_spnego_bind(183)
got OID=1 2 840 48018 1 2 2
[2003/02/25 14:52:34, 3] libads/sasl.c:ads_sasl_spnego_bind(183)
got OID=1 2 840 113554 1 2 2
[2003/02/25 14:52:34, 3] libads/sasl.c:ads_sasl_spnego_bind(183)
got OID=1 2 840 113554 1 2 2 3
[2003/02/25 14:52:34, 3] libads/sasl.c:ads_sasl_spnego_bind(183)
got OID=1 3 6 1 4 1 311 2 2 10
[2003/02/25 14:52:34, 3] libads/sasl.c:ads_sasl_spnego_bind(190)
got principal=dewup-dc01$@EUROPE.DELPHIAUTO.NET
net: ../../../libraries/libldap/getvalues.c:93: ldap_get_values_len:
Assertion `entry != ((void *)0)' failed.
Aborted
Any ideas about what I missed/messed up?
Thanks a lot,
Alexander Skwar
--
printk("CPU[%d]: Sending penguins to jail...",smp_processor_id());
2.4.8 arch/sparc64/kernel/smp.c
Reasonably Related Threads
Wisdom of the Ancients
