Displaying 20 results from an estimated 5000 matches similar to: ""net ads keytab create" failing"
2006 Dec 06
2
Samba + Win2k works, Win2003 fails
Hi all,
I've finally almost gotten my desired Samba+AD integration working: I've
joined a domain, AD users can login, kerberos works (keytab integration,
caching, etc.), etc.
However, this is only true as long as I hack my /etc/hosts
and /etc/samba/lmhosts files to trick Samba into always using my
networks Windows 2000 Active Directory Server. The second a Samba
command finds and
2006 Nov 22
1
Confused about Active Directory, Winbind, and Kerberos
I'm trying to learn how to integrate Linux workstations and servers into
a Windows 2000 Active Directory network. I've read and followed the
Samba HOWTO, especially the parts about Winbind, and I got my Linux
workstation authenticating using pam_krb5 and pam_winbind.
klist would show I got a TGT after logging in. Domain users could login
and pam_mkhomedir would properly setup a new home
2006 Oct 03
0
Problems after replacing Domain Controller
Hi! I hope you can help me here.
We replaced our only domain controller (W2K ActiveDirectory) with a
newer server. It was done by means promotion and everything was copied
correctly (acording to the guy who made the transfer of all the stuff
from the old service to the new one). As a matter of fact all services
provided by the old server are already being served by the new one.
Before the
2006 Jun 04
0
Re: administrator privileges
I experienced the following problem with an apparent permissions Catch-22 where there's no "root" user to bootstrap from with Samba-LDAP, and found several other people experienced it too. I eventually figured out why a few people are plagued by this problem while most have never seen it, and I solved it. For everyone else who experiences a similar problem, the explanation and
2006 Jul 03
1
Cannot join win2k ADS
Hi
I am having a real nightmare over this:
Setup is : win2k as ADS server
linux samba server is:
# smbd --version
Version 3.0.14a-Ubuntu
kerberos:
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator@KCS.COM
Valid starting Expires Service principal
07/03/06 09:51:51 07/03/06 19:51:51 krbtgt/KCS.COM@KCS.COM
Kerberos 4 ticket cache: /tmp/tkt0
klist: You
2005 Feb 08
1
ldapsam question
I want to check my new LDAP passdb with the net command, but I get:
# net user
root's password:
[2005/02/08 15:00:09, 0] utils/net_ads.c:ads_startup(186)
ads_connect: Interrupted system call
If I use a wrong password, I get:
# net user
root's password:
[2005/02/08 15:04:05, 0] utils/net_ads.c:ads_startup(186)
ads_connect: Interrupted system call
Could not connect to server
2003 Jun 05
0
server=domain does not work in samba3.0-alpha24
Hi All,
I tried to apply "server=domain" for a samba server domain member with
samba-3.0alpha23 and samba-3.0alpha24. In each cases, " ads_connect:
Connection refused .." message appeared when trying to join the domain. But
"net rpc testjoin" says ok.
The main point of this mail is that " smbclient -L mysamba -U username"
will work on
2006 Jun 01
2
Problem to join ADS domain.
Hi,
I post my message here because I can't debug my problem, I hope you have
time to help me to find the problem.
I'm trying to join my Samba machine to an ADS domain, but my "net ads join"
don't work :(
There is my logs, if you need more detail ask me.
~# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrateur@TEST.LAN
Valid starting Expires
2006 Sep 12
1
samba with ldapsam: first "net join" always fails, second succeeds
Created an "add machine" script that basically looks for an unused
uid/rid, and then creates a stub LDAP entry for the machine; the first
time I issue "net join", the script is invoked and creates the LDAP entry
correctly, but the join operation fails nevertheless:
f1sa:~# net -U winadmin join
winadmin's password:
[2006/09/08 10:19:40, 0] utils/net_ads.c:ads_startup(191)
2004 Oct 04
1
Repost: ads_connect: No such file or directory
Hi all,
I like to ask my question again
Is there something known about this ?
The question is asked several times before in this group,
but so far I didn't find any answer to the question
Can somebody help me out ?
I want to have Samba join a win2000 active directory
I am using samba-3.0.7
This is compiled on a RedHat 9 machine with:
--prefix=/usr
--localstatedir=/var
2006 Dec 08
0
howto "upgrade/transfer" samba domain-user + domain-group data to a new windows 2003 act
You could do what we do - just replace the local machine policies each time you rev the policy set. They're stored in c:\windows\system32\grouppolicy.
Using gpscript.exe (Google for it, don't have a specific site) you can dump the contents of either registry.pol file to text. You can also recombine textfiles back into a .pol file, and subsequently rev the gpt.ini file so your new .pol
2006 May 16
1
Domain login Problem.
Hi i setted up a samba server on debian sarge using samba version 3.0.14.
my configuration file is as follows:
-------------------------------- BOF -----------------------------------
[global]
guest account = smbguest
security = user
workgroup = SMSERVER
socket options = IPTOS_LOWDELAY TCP_NODELAY SO_SNDBUF=4096 SO_RCVBUF=4096
max log size = 1000
log level = 1
log file =
2005 May 19
0
ADS & Kerberos Woes
I've been successfully running Samba 3.0 under FreeBSD 5 attached to a 2003
Domain for awhile now. As of about a week ago, I could no longer get most
users to authenticate to the Samba server. It happened at roughly the same
time I upgraded to FreeBSD 5.4.
I'm using heimdal 0.6.3, samba 3.0.14 and FreeBSD 5.4. I had the error
running samba 3.0.11 and 3.0.12 from the FreeBSD ports
2004 Sep 02
2
Can't mount samba drive or join domain with W2K3 server
Please cc me on replies.
My employer recently upgraded to W2K3. I have no control over the
employer's set up and limited access to information. Under the old
server, everything was working fine. Now I can't mount the shared drive
anymore.
I'm running Debian sid; samba 3.0.6-3.
################################################
# mount shared_drive
cli_negprot: SMB signing is
2006 Oct 25
1
net ads join problem
Hi all,
I'am trying to join ADS an W2K server. This server was already joined,
but after chrash i was obliged to reinstall it.
When I try net ads join -Uusername the following output appears:
[2006/10/25 14:08:46, 6] libads/ldap.c:ads_find_dc(224)
ads_find_dc: looking for realm 'SLZOVA.CZ'
[2006/10/25 14:08:46, 8] libsmb/namequery.c:get_sorted_dc_list(1551)
get_sorted_dc_list:
2006 Feb 27
1
wbinfo_group.pl / wbinfo -r not working!
Hello,
I have been using samba to authenticate my squid users to Active
Directory. Because of the amount of users, I would like to set up my
ACL's based on groups, rather than individual user accounts.
I have successfully joined my samba box to our windows domain (2k).
For some reason I had to enter the domain controller name instead of
the domain name when doing so. I am now having issues
2007 Feb 27
2
Kerberos works, but "net ads join" fails
Hi List,
this is gonna be a really funky/interesting/uncommon error you're
going to deal with (if you do).
Developer(s): I'd be really happy if you can point me at the right
source files or describe at which
stage of the "discussion" between my servers fail. This might be of
some use..
But let's get to the facts:
SYMPTOMS
--------
1) Invoked "kinit", no
2005 Feb 24
0
Getting ads_connect: Strong authentication required when doing ne t ads join
In my lab I successfully got everything working running our secured Active
Directory and Fedora Core 3. In our AD we have secured settings like
refusing NTLMv2, require LDAP signing, SMB signing and more. In the lab we
have the following rpm's:
krb5-workstation-1.3.4.7
samba-3.0.8.0.pre1.3
openldap-2.2.13-2
But now we're implementing this in production and there we're running Red
Hat
2005 Feb 24
0
Getting ads_connect: Strong authentication required whendoing ne t ads join
Yes, this is in fact caused by LDAP server signing requirements set to
"Require Siging". I put a bug in previously here:
https://bugzilla.samba.org/show_bug.cgi?id=765
And Jeremy Naylor created a patch to add TLS support in libads. The TLS
method is potentially more secure, but it requires a certificate be
installed on the KDC.
You could try applying the patch and setting up the
2005 Feb 24
0
SV: Getting ads_connect: Strong authentication required w hendoing ne t ads join
Thanks for that interesting information. But how come it works in my lab
(where I'm running Fedora Core 3)? Could it be because I'm running a newer
version of LDAP? You think this will be fixed in future releases without the
need to put certificated on the DC?
Are there any detailinformation where to put the certificate on our DC:s?
Unfourtunately we're not running any CA in our