Mathew Rowley
2010-Nov-02 16:46 UTC
[Samba] Joining AD Domain = NT_STATUS_INVALID_COMPUTER_NAME
When I try and join my AD domain, I get the following error: root at mat-desktop:~# net join -I 10.252.159.137 -U Administrator Enter Administrator's password: [2010/11/02 10:38:01.176096, 0] utils/net_rpc_join.c:406(net_rpc_join_newstyle) Error in domain join verification (credential setup failed): NT_STATUS_INVALID_COMPUTER_NAME Unable to join domain SECLAB. In my smb.conf, my computer name is set to 'MAT-DESKTOP' (which I thought was a valid name): root at mat-desktop:~# grep -A1 'server string' /etc/samba/smb.conf server string = MAT-DESKTOP netbios name = MAT-DESKTOP Does anyone know why else I would be getting that error message? kinit work fine, and here are my additional configs: krb5.conf: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log kdc = SYSLOG:INFO:AUTH admin_server = FILE:/var/log/kadmind.log admin_server = SYSLOG:INFO:AUTH [libdefaults] default_realm = SECLAB dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } [realms] SECLAB = { kdc = seclab.security.lab.net:88 default_domain = seclab.security.lab.net } .seclab.security.lab.net = SECLAB seclab.security.lab.net = SECLAB smb.conf: [global] workgroup = SECLAB server string = MAT-DESKTOP netbios name = MAT-DESKTOP dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = no password server = seclab.security.lab.net //your AD-server realm = SECLAB usershare allow guests = yes [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no
Rowley, Mathew
2010-Nov-02 16:47 UTC
[Samba] Joining AD Domain = NT_STATUS_INVALID_COMPUTER_NAME
When I try and join my AD domain, I get the following error: root at mat-desktop:~# net join -I 10.252.159.137 -U Administrator Enter Administrator's password: [2010/11/02 10:38:01.176096, 0] utils/net_rpc_join.c:406(net_rpc_join_newstyle) Error in domain join verification (credential setup failed): NT_STATUS_INVALID_COMPUTER_NAME Unable to join domain SECLAB. In my smb.conf, my computer name is set to 'MAT-DESKTOP' (which I thought was a valid name): root at mat-desktop:~# grep -A1 'server string' /etc/samba/smb.conf server string = MAT-DESKTOP netbios name = MAT-DESKTOP Does anyone know why else I would be getting that error message? kinit work fine, and here are my additional configs: krb5.conf: [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log kdc = SYSLOG:INFO:AUTH admin_server = FILE:/var/log/kadmind.log admin_server = SYSLOG:INFO:AUTH [libdefaults] default_realm = SECLAB dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } [realms] SECLAB = { kdc = seclab.security.lab.net:88 default_domain = seclab.security.lab.net<seclab.security.lab.net> } .seclab.security.lab.net = SECLAB seclab.security.lab.net<seclab.security.lab.net> = SECLAB smb.conf: [global] workgroup = SECLAB server string = MAT-DESKTOP netbios name = MAT-DESKTOP dns proxy = no log file = /var/log/samba/log.%m max log size = 1000 syslog = 0 panic action = /usr/share/samba/panic-action %d security = ads encrypt passwords = true passdb backend = tdbsam obey pam restrictions = yes unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . pam password change = yes map to guest = bad user idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 template shell = /bin/bash winbind use default domain = no password server = seclab.security.lab.net<seclab.security.lab.net> //your AD-server realm = SECLAB usershare allow guests = yes [homes] comment = Home Directories browseable = no writable = yes [printers] comment = All Printers browseable = no path = /var/spool/samba printable = yes guest ok = no read only = yes create mask = 0700 [print$] comment = Printer Drivers path = /var/lib/samba/printers browseable = yes read only = yes guest ok = no