Pierre Le SIDANER
2005-Jan-04 14:34 UTC
[Samba] problems includind a samba server in a 2003 network
Hello I am brand new on samba server
I am trying to put a samba server in a windows 2003 domain
the autentification have to be done by the 2003 AD, and my configuration
does not work
my samba version is samba-3.0.10-1 on redhat
as i try to access samba server from a xp on the domain it does not work
i have try to access the pdc with ads "laurel" with net join from the
samba server
with an acount Pierre_admin on the AD witch is administrator
and it does not work
[root@silvacane etc]# net join -S laurel.obspm.fr -U Pierre_admin%toto
[2005/01/04 16:25:43, 0] libads/kerberos.c:ads_kinit_password(146)
kerberos_kinit_password Pierre_admin@SERVICES.OBSPM.FR failed: Cannot
find KDC for requested realm
[2005/01/04 16:25:43, 0] utils/net_ads.c:ads_startup(186)
ads_connect: Cannot find KDC for requested realm
[2005/01/04 16:25:43, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
cli_nt_setup_creds: request challenge failed
[2005/01/04 16:25:43, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256)
cli_nt_setup_creds: request challenge failed
[2005/01/04 16:25:43, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319)
Error domain join verification (reused connection):
NT_STATUS_INVALID_COMPUTER_NAME
I give you my smb.conf config, thank you for some help
[global]
workgroup = SERVICES
server string = Samba test pierre
netbios name = test_pierre
printcap name = /etc/printcap
load printers = yes
log file = /var/log/samba/smbd.log
max log size = 500
security = ADS
password server = laurel.obspm.fr
encrypt passwords = yes
add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s
/bin/false -M
%u
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
dns proxy = no
--
-------------------------------------------------------------------------------------------------------------------
Pierre Le Sidaner
Observatoire de Paris-Meudon-Nancay
Service Informatique de l'Observatoire 01 45 07 76 33
Observatoire Virtuel 01 40 51 20 89
mail:pierre.lesidaner@obspm.fr
-------------------------------------------------------------------------------------------------------------------
jpbermejo@prisacom.com
2005-Jan-05 15:07 UTC
[Samba] problems includind a samba server in a 2003 network
On 4 Jan, Pierre Le SIDANER wrote:> Hello I am brand new on samba server > I am trying to put a samba server in a windows 2003 domain > the autentification have to be done by the 2003 AD, and my configuration > does not work > > my samba version is samba-3.0.10-1 on redhat > as i try to access samba server from a xp on the domain it does not work > > i have try to access the pdc with ads "laurel" with net join from the > samba server > with an acount Pierre_admin on the AD witch is administrator > and it does not work > > [root@silvacane etc]# net join -S laurel.obspm.fr -U Pierre_admin%toto > [2005/01/04 16:25:43, 0] libads/kerberos.c:ads_kinit_password(146) > kerberos_kinit_password Pierre_admin@SERVICES.OBSPM.FR failed: Cannot > find KDC for requested realm > [2005/01/04 16:25:43, 0] utils/net_ads.c:ads_startup(186) > ads_connect: Cannot find KDC for requested realm > [2005/01/04 16:25:43, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) > cli_nt_setup_creds: request challenge failed > [2005/01/04 16:25:43, 0] rpc_client/cli_netlogon.c:cli_nt_setup_creds(256) > cli_nt_setup_creds: request challenge failed > [2005/01/04 16:25:43, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(319) > Error domain join verification (reused connection): > NT_STATUS_INVALID_COMPUTER_NAME > > > I give you my smb.conf config, thank you for some help > [global] > workgroup = SERVICESThe first part of the 'net join' error is probably due to kerberos misconfiguration. Check the default_realm on krb5.conf is your domain name and/or fill the [realms] section with proper values. I might also recommend you to add 'realm = DOMAIN' and 'use kerberos keytab = yes' to smb.conf In my case, to add a machine (stock FC3 updated) to the domain I execute $ kinit Administrator $ net ads join and you get the machine on the domain and HOST/CIFS keys on krb5.keytab Javier Palacios ===========================================================================This e-mail message and any attached files are intended SOLELY for the addressee/s identified herein. It may contain CONFIDENTIAL and/or LEGALLY PRIVILEGED information and may not necessarily represent the opinion of this company. If you receive this message in ERROR, please immediately notify the sender and DELETE it since you ARE NOT AUTHORIZED to use, disclose, distribute, print or copy all or part of the contained information. Thank you. ============================================================================