Hi.
I am trying to configure Samba in Domain security mode. I am on a Sun box
running Solaris 9 and Samba 3.0.23.
A computer account for this Unix Box is configured in the AD Domain (FAFIDDOM)
but I am having issues running net rpc join. I am not planning to use winbind
as the samba shares that I want to create are going to be used by ClearCase
(Rational Configuration Management Tool). ClearCase requires local UNIX accounts
and only supports USER or DOMAIN security modes.
The PDC name is FAIDHC01SDCG04 and the domain name is FAFIDDOM. You can see in
the error messages below that for some reason the PDC name is being used as the
domain name: Unable to join domain FAIDHC01SDCG04.
You can also see below that I tried to explicitly define which smb.conf file to
use, domain to use, etc with no luck.
I also ran the same command with debug level = 4, output below.
Finally at the end of this email you can find smb.conf settings.
Any suggestion?
Tks in advance.
Ana
./net join -S faidhc01sdcg04 -Uadmin%pwd
[2007/01/25 09:28:40, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(341)
Error in domain join verification (credential setup failed):
NT_STATUS_NOT_SUPPORTED
Unable to join domain FAIDHC01SDCG04.
./net join -I 10.176.18.20 --configfile=/etc/samba/smb.conf -w FAFIDDOM
-Uadmin%pwd --debuglevel=0
[2007/01/25 15:36:29, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(341)
Error in domain join verification (credential setup failed):
NT_STATUS_NOT_SUPPORTED
Unable to join domain FAIDHC01SDCG04.
./net join -S FAIDHC01SDCG04 --configfile=/etc/samba/smb.conf -w FAFIDDOM
--Uadmin%pwd --debuglevel=0
[2007/01/25 15:36:12, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(341)
Error in domain join verification (credential setup failed):
NT_STATUS_NOT_SUPPORTED
Unable to join domain FAIDHC01SDCG04.
./net rpc join -S faidhc01sdcg04 --configfile=/etc/samba/smb.conf -Uadmin%pwd
--debuglevel=4
[2007/01/25 11:21:29, 3] param/loadparm.c:lp_load(4199)
lp_load: refreshing parameters
[2007/01/25 11:21:29, 3] param/loadparm.c:init_globals(1385)
Initialising global parameters
[2007/01/25 11:21:29, 3] param/params.c:pm_process(574)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2007/01/25 11:21:29, 3] param/loadparm.c:do_section(3654)
Processing section "[global]"
doing parameter workgroup = FAFIDDOM
doing parameter netbios name = FAEGSNA01SCCU02
[2007/01/25 11:21:29, 4] param/loadparm.c:handle_netbios_name(2994)
handle_netbios_name: set global_myname to: FAEGSNA01SCCU02
doing parameter server string = 10.191.20.44
doing parameter log file = /var/log/samba/log.%m
doing parameter max log size = 50
doing parameter username map = /opt/samba/lib/username.map
doing parameter security = DOMAIN
doing parameter password server = FAIDHC01SDCG04
doing parameter encrypt passwords = Yes
doing parameter create mask = 0775
doing parameter directory mask = 0775
doing parameter kernel oplocks = No
doing parameter oplocks = No
doing parameter level2 oplocks = No
doing parameter case sensitive = No
doing parameter preserve case = Yes
[2007/01/25 11:21:29, 4] param/loadparm.c:lp_load(4230)
pm_process() returned Yes
[2007/01/25 11:21:29, 2] lib/interface.c:add_interface(81)
added interface ip=10.191.20.44 bcast=10.191.23.255 nmask=255.255.252.0
[2007/01/25 11:21:29, 3] libsmb/cliconnect.c:cli_start_connection(1389)
Connecting to host=faidhc01sdcg04
[2007/01/25 11:21:29, 3] lib/util_sock.c:open_socket_out(870)
Connecting to 10.176.18.20 at port 445
[2007/01/25 11:21:29, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine faidhc01sdcg04 pipe \lsarpc fnum 0x4 bind request
returned ok.
[2007/01/25 11:21:30, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine faidhc01sdcg04 pipe \NETLOGON fnum 0x8 bind
request returned ok.
[2007/01/25 11:21:30, 4] rpc_client/cli_netlogon.c:rpccli_net_req_chal(46)
cli_net_req_chal: LSA Request Challenge from FAEGSNA01SCCU02 to \\faidhc01sdcg04
[2007/01/25 11:21:30, 3] libsmb/trusts_util.c:just_change_the_password(57)
just_change_the_password: unable to setup creds (NT_STATUS_NOT_SUPPORTED)!
[2007/01/25 11:21:30, 1] utils/net_rpc.c:run_rpc_command(169)
rpc command function failed! (NT_STATUS_NOT_SUPPORTED)
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_start_connection(1389)
Connecting to host=faidhc01sdcg04
[2007/01/25 11:21:30, 3] lib/util_sock.c:open_socket_out(870)
Connecting to 10.176.18.20 at port 445
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(710)
Doing spnego session setup (blob length=116)
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(735)
got OID=1 2 840 48018 1 2 2
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(735)
got OID=1 2 840 113554 1 2 2
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(735)
got OID=1 2 840 113554 1 2 2 3
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(735)
got OID=1 3 6 1 4 1 311 2 2 10
[2007/01/25 11:21:30, 3] libsmb/cliconnect.c:cli_session_setup_spnego(744)
got principal=faidhc01sdcg04$@FAFIDDOM.COM
[2007/01/25 11:21:30, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(929)
Got challenge flags:
[2007/01/25 11:21:30, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x62890215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_CHAL_TARGET_INFO
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2007/01/25 11:21:30, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(951)
NTLMSSP: Set final flags:
[2007/01/25 11:21:30, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x60080215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2007/01/25 11:21:30, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(338)
NTLMSSP Sign/Seal - Initialising with flags:
[2007/01/25 11:21:30, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(63)
Got NTLMSSP neg_flags=0x60080215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
[2007/01/25 11:21:30, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine faidhc01sdcg04 pipe \lsarpc fnum 0x4002 bind
request returned ok.
[2007/01/25 11:21:30, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(181)
lsa_io_sec_qos: length c does not match size 8
[2007/01/25 11:21:30, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine faidhc01sdcg04 pipe \samr fnum 0x4003 bind request
returned ok.
[2007/01/25 11:21:30, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081)
rpc_pipe_bind: Remote machine faidhc01sdcg04 pipe \NETLOGON fnum 0x4004 bind
request returned ok.
[2007/01/25 11:21:30, 4] rpc_client/cli_netlogon.c:rpccli_net_req_chal(46)
cli_net_req_chal: LSA Request Challenge from FAEGSNA01SCCU02 to \\faidhc01sdcg04
[2007/01/25 11:21:30, 0] utils/net_rpc_join.c:net_rpc_join_newstyle(341)
Error in domain join verification (credential setup failed):
NT_STATUS_NOT_SUPPORTED
Unable to join domain FAIDHC01SDCG04.
[2007/01/25 11:21:30, 2] utils/net.c:main(878)
return code = 1
# Global parameters
[global]
workgroup = FAFIDDOM
netbios name = FAEGSNA01SCCU02
server string = 10.191.20.44
log file = /var/log/samba/log.%m
max log size = 50
username map = /opt/samba/lib/username.map
security = domain
password server = faidhc01sdcg04
encrypt passwords = Yes
create mask = 0775
directory mask = 0775
kernel oplocks = No
oplocks = No
level2 oplocks = No
case sensitive = No
preserve case = Yes
[home]
guest ok = no
read only = no
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
[vobstore]
comment = ETG VOBS
path = /apps/vobstore
guest ok = yes
read only = no
____________________________________________________________________________________
TV dinner still cooling?
Check out "Tonight's Picks" on Yahoo! TV.
http://tv.yahoo.com/