Dear All,
I have succesfully managed to have my kerberos configured n working
without error when i say
kinit Administrator
and after entering password i get the # prompt
so its works fine
my krb5.conf
--------------
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = BALADIA.LOCAL
dns_lookup_kdc = false
dns_lookup_realm = false
[realms]
BALADIA.LOCAL = {
default_domain = baladia.local
kdc = xx.xx.xx.xx:88
admin_server = xx.xx.xx.xx:749
kdc = KMUN
}
[domain_realm]
baladia.local = BALADIA.LOCAL
--------------------------------
klist shows
icket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@BALADIA.LOCAL
Valid starting Expires Service principal
03/26/09 11:33:04 03/26/09 21:33:18 krbtgt/BALADIA.LOCAL@BALADIA.LOCAL
renew until 03/27/09 11:33:04
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
------------------------
now i configured /etc/samba/smb.conf but when i try to join my Win2003 ADS
domain server
net ads join -U Administrator
Administrator's password:
[2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286)
ads_connect: No logon servers
Failed to join domain: No logon servers
after googling and tryin various options in /etc/samba/smb.conf file here
is the latest smb.conf file
---------------------
[global]
#--authconfig--start-line--
# Generated by authconfig on 2009/03/26 12:50:28
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = BALADIA.LOCAL
; password server = kmun.baladia.local
password server = 172.16.2.227
realm = KMUN.BALADIA.LOCAL
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
winbind separator = +
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
encrypt passwords = yes
log level = 3
#--authconfig--end-line--
encrypt passwords = yes
dns proxy = no
server string = Samba Server Version %v
os level = 20
client use spnego = no
server signing = auto
--------------------------------------
where i could be goin wrong
i would be thankful and really apprecite your advice for any setting in my
smb.conf file
Is there anything else to check.
really once again apprecite your help and advice
when i run testparam it gives no errors
output of testparm is
----------------------
[root@testproxy ~]# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
workgroup = BALADIA.LOCAL
realm = KMUN.BALADIA.LOCAL
server string = Samba Server Version %v
security = ADS
password server = 172.16.2.227
log level = 3
server signing = auto
client use spnego = No
preferred master = No
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind separator = +
winbind use default domain = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
----------------------------------------
thnks and Regards
Simon
--
Network ADMIN
-------------
KUWAIT MUNICIPALITY:
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
> -----Original Message----- > From: > samba-bounces+james_zuelow=ci.juneau.ak.us@lists.samba.org > [mailto:samba-bounces+james_zuelow=ci.juneau.ak.us@lists.samba > .org] On Behalf Of Benedict simon > Sent: Friday, 27 March, 2009 05:06 > To: samba@lists.samba.org > Subject: [Samba] failed to join domain error > > Dear All, > > I have succesfully managed to have my kerberos configured n working > without error when i say > > kinit Administrator > and after entering password i get the # prompt > so its works fine >> > now i configured /etc/samba/smb.conf but when i try to join > my Win2003 ADS > domain server > > net ads join -U Administrator > Administrator's password: > [2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286) > ads_connect: No logon servers > Failed to join domain: No logon servers >> > thnks and Regards > > Simon > > > -- > Network ADMIN > ------------- > KUWAIT MUNICIPALITY:I just had a host do this recently, using Samba 3.2.5-4 Debian. DNS was working fine, kerberos was working fine, but for some reason net ads join didn't want to work. I resolved it by putting an entry for a domain controller into /etc/hosts. After that net ads join worked fine. James Zuelow....................CBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591