Gabriel Petrescu
2009-Jun-22 12:02 UTC
[Samba] ubuntu, samba and users autheticated over AD
Hi:) I try to make an ubuntu with samba to authenticate users from AD. samba, krb5 installed. smb.conf - no errors krb5.conf - no errors it's workig: kinit klist i can see the shares from AD I added the linux samba server in domain: kinit gabriel@MYDOMAIN.LOCAL net ads join -U gabriel%password after that i've got a message: Using short domain name -- MYDOMAIN Disabled account for 'FILESERVER' in realm 'MYDOMAIN.LOCAL' Failed to join domain: Type or value exists If I check AD filserver - my linux samba machine - is in computer's list, but is disabled. wbinfo -u and wbinfo -g gives nothing.. I have no ideea what to do.. Please help:) Thank you:) Gabi
Volker Lendecke
2009-Jun-22 12:07 UTC
[Samba] ubuntu, samba and users autheticated over AD
On Mon, Jun 22, 2009 at 02:54:52PM +0300, Gabriel Petrescu wrote:> Hi:) > > I try to make an ubuntu with samba to authenticate users from AD. > > samba, krb5 installed. > > smb.conf - no errors > > krb5.conf - no errors > > it's workig: > > kinit > > klist > > i can see the shares from AD > > I added the linux samba server in domain: > > kinit gabriel@MYDOMAIN.LOCAL > > net ads join -U gabriel%password > > after that i've got a message: > > Using short domain name -- MYDOMAIN > Disabled account for 'FILESERVER' in realm 'MYDOMAIN.LOCAL' > Failed to join domain: Type or value existsTry to give your host a fully qualified domain name. The output of "hostname" and "hostname -f" must differ. Volker -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : lists.samba.org/archive/samba/attachments/20090622/ea6a264d/attachment.bin
Hallo, Volker, Du meintest am 22.06.09:> Try to give your host a fully qualified domain name. The > output of "hostname" and "hostname -f" must differ.That depends. My slackware "hostname" (from the tcpip package or the util-linux package) shows the same when I type "hostname -f" or "hostname", I get the short version with "hostname -s". Viele Gruesse! Helmut
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Am 22.06.2009 13:54, schrieb Gabriel Petrescu:> Hi:)Hi, The 'best', let's say, which worked for me from the start, is this one: wiki.samba.org/index.php/Samba_&_Active_Directory It's fairly generic, but worked on CentOS 5.3. From the last post I would say: badly screwed, better start from scratch and stick with one howto, understand what you're doing and allways do small steps. Cheers Matthias> > I try to make an ubuntu with samba to authenticate users from AD. > > samba, krb5 installed. > > smb.conf - no errors > > krb5.conf - no errors > > it's workig: > > kinit > > klist > > i can see the shares from AD > > I added the linux samba server in domain: > > kinit gabriel@MYDOMAIN.LOCAL > > net ads join -U gabriel%password > > after that i've got a message: > > Using short domain name -- MYDOMAIN > Disabled account for 'FILESERVER' in realm 'MYDOMAIN.LOCAL' > Failed to join domain: Type or value exists > > If I check AD filserver - my linux samba machine - is in computer's list, > but is disabled. > > wbinfo -u and wbinfo -g gives nothing.. > > I have no ideea what to do.. > > Please help:) > > Thank you:) > > Gabi-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - enigmail.mozdev.org iEYEARECAAYFAko/q+QACgkQf3LySRiTg2wzqQCfegrCArrK9iNDI9U3HO2no8n6 LS4AnR1h6dZ2e20uLuWWfNyLhVgVtbrL =yJ9R -----END PGP SIGNATURE-----