samba - Aug 2005 - Error joining domain

Hi,

I have run a Linux machine as a windows domain client for a while. One
time the windows 2000 domain server went down while the linux box kept
running. Since then I am unable to login using winbind. I tried
re-adding the linux machine without any success, I constantly get
errors like this:

#net join -U administrator
administrator's password:
[2005/08/18 16:48:52, 0] libads/kerberos.c:ads_kinit_password(147)
  kerberos_kinit_password administrator@PEAKADILLY.LOCAL failed:
Cannot contact any KDC for requested realm
[2005/08/18 16:48:52, 0] utils/net_ads.c:ads_startup(186)
  ads_connect: Cannot contact any KDC for requested realm
Joined domain MYDOMAIN.

The command runs without any progress for a minute or so and then
gives the error message. Yet logging it still does not work.

If I do
#net rpc join -U administrator
I instantly get 'Joined domain MYDOMAIN.' but it still does not work.

I have put the domain controller in /etc/hosts and can ping it without
problems. smbclient -L //mycontroller also runs fine after
authenticating.

Anyone knows what might be causing this problem?

Regards,
Leen Toelen

Hi,

when I did net ads join -U administrator -I "*.*.*.*" 
I got the same error but after that wbinfo -u showed all users and
loggin in works.

However, browsing to the linux box from another machine I keep getting
the password dialog. In the logs I get;

[2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BUILTIN  S-1-5-32
[2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BIOINF  S-1-5-21-51082066-3239425611-1963012567
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)
  NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned
NT_STATUS_ACCESS_DENIED (PAM: 4)
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)
  NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned
NT_STATUS_ACCESS_DENIED (PAM: 4)
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)

Anyone an idea?

Regards,
Leen Toelen


On 8/18/05, Leen Toelen <toelen@gmail.com> wrote:
> Hi,
> 
> I have run a Linux machine as a windows domain client for a while. One
> time the windows 2000 domain server went down while the linux box kept
> running. Since then I am unable to login using winbind. I tried
> re-adding the linux machine without any success, I constantly get
> errors like this:
> 
> #net join -U administrator
> administrator's password:
> [2005/08/18 16:48:52, 0] libads/kerberos.c:ads_kinit_password(147)
>   kerberos_kinit_password administrator@PEAKADILLY.LOCAL failed:
> Cannot contact any KDC for requested realm
> [2005/08/18 16:48:52, 0] utils/net_ads.c:ads_startup(186)
>   ads_connect: Cannot contact any KDC for requested realm
> Joined domain MYDOMAIN.
> 
> The command runs without any progress for a minute or so and then
> gives the error message. Yet logging it still does not work.
> 
> If I do
> #net rpc join -U administrator
> I instantly get 'Joined domain MYDOMAIN.' but it still does not
work.
> 
> I have put the domain controller in /etc/hosts and can ping it without
> problems. smbclient -L //mycontroller also runs fine after
> authenticating.
> 
> Anyone knows what might be causing this problem?
> 
> Regards,
> Leen Toelen
>