samba - Feb 2006 - ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm

Hello,
 
I am having a problem getting my server to join our realm as a domain
member server.   I have read through google, yahoo, and this list, but I
cannot find the answer yet.  
 
When I run: net join ads -Uadministrator and try to login it gives the
following error:
 
 kerberos_kinit_password Administrator@MYREALM.COM failed: Cannot
resolve network address for KDC in requested realm
[2006/02/01 09:33:46, 0] ../utils/net_ads.c:ads_startup(191)
  ads_connect: Cannot resolve network address for KDC in requested
realm
 
The details of my setup are:
 
aix 5.2.0.7
libiconv-1.9.1
autoconf-2.59
libiodbc-3.52.4
bison-2.0
m4-1.4.3
db-4.4.20                             
mysql-connector-odbc-3.51.12
krb                                    
samba-3.0.21a    
 
../configure --prefix=/usr/local/samba --with-ads --with-ldap
--with-winbind --with-acl-support --with-utmp --with-quotas
--with-sendfile-support

openldap-2.3.19  
 
./configure --enable-crypt --without-cyrus-sasl                        
        
 
unixODBC-2.2.11
gcc 3.3.2
 
/etc/krb5.conf:
 
[libdefaults]
        default_realm = MYREALM.COM
        default_etypes = des-cbc-crc des-cbc-md5
        default_etypes_des = des-cbc-crc des-cbc-md5
        ticket_lifetime = 24000
        clockskew = 300
        dns_lookup_realm = false
        dns_lookup_kdc = false
 
[realms]
        MYREALM.COM = {
                kdc = myadsserver.mydomain.com
                default_domain = mydomain.com
        }
 
[domain_realm]
        .mydomain.com = MYREALM.COM
 
[logging]
        kdc = FILE:/var/log/kdc.log
        admin_server = FILE:/var/log/kadmin.log
        default = FILE:/var/log/krb5lib.log

/etc/hosts:
1.2.3.4   myadsserver.mydomain.com myadsserver
 
 
Note: Nothing goes into the logs and if I move aisde thekrb5.conf it
still tries automatically MYREALM.COM.  I put an error int he krb5.conf
file to see if it would notice, and it does warn about it, so it is
looking in krb5.conf.
 
 
 
 
David Shapiro
Unix Team Lead
919-765-2011

On Wednesday February 01 2006 9:41 am, David Shapiro
wrote:
> Hello,
>
> I am having a problem getting my server to join our realm as a domain
> member server.   I have read through google, yahoo, and this list, but I
> cannot find the answer yet.
>
> When I run: net join ads -Uadministrator and try to login it gives the
> following error:
>
>  kerberos_kinit_password Administrator@MYREALM.COM failed: Cannot
> resolve network address for KDC in requested realm
> [2006/02/01 09:33:46, 0] ../utils/net_ads.c:ads_startup(191)
>   ads_connect: Cannot resolve network address for KDC in requested
> realm
>
> The details of my setup are:
>
> aix 5.2.0.7
> libiconv-1.9.1
> autoconf-2.59
> libiodbc-3.52.4
> bison-2.0
> m4-1.4.3
> db-4.4.20
> mysql-connector-odbc-3.51.12
> krb
> samba-3.0.21a
>
> ../configure --prefix=/usr/local/samba --with-ads --with-ldap
> --with-winbind --with-acl-support --with-utmp --with-quotas
> --with-sendfile-support
>
> openldap-2.3.19
>
> ./configure --enable-crypt --without-cyrus-sasl
>
>
> unixODBC-2.2.11
> gcc 3.3.2
>
> /etc/krb5.conf:
>
> [libdefaults]
>         default_realm = MYREALM.COM
>         default_etypes = des-cbc-crc des-cbc-md5
>         default_etypes_des = des-cbc-crc des-cbc-md5
>         ticket_lifetime = 24000
>         clockskew = 300
>         dns_lookup_realm = false
>         dns_lookup_kdc = false
>
> [realms]
>         MYREALM.COM = {
>                 kdc = myadsserver.mydomain.com
>                 default_domain = mydomain.com
>         }
>
> [domain_realm]
>         .mydomain.com = MYREALM.COM
>
> [logging]
>         kdc = FILE:/var/log/kdc.log
>         admin_server = FILE:/var/log/kadmin.log
>         default = FILE:/var/log/krb5lib.log
>
> /etc/hosts:
> 1.2.3.4   myadsserver.mydomain.com myadsserver
>
>
> Note: Nothing goes into the logs and if I move aisde thekrb5.conf it
> still tries automatically MYREALM.COM.  I put an error int he krb5.conf
> file to see if it would notice, and it does warn about it, so it is
> looking in krb5.conf.
>
>
>
>
> David Shapiro
> Unix Team Lead
> 919-765-2011
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
In krb5.conf, try this:

[realms]
  YOURDOMAIN.COM = {
       default_domain = yourdomain.com
       kdc = xxx.xxx.xxx.xxx   (my note - use ip address of AD server)
       admin_server = xxx.xxx.xxx.xxx  (my note - use ip address of AD server)
}

HTH.

Dimitri

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.