Hi, Earlier I've used kclient to join a domain based in a w2003 AD server, with great success after implementation of the -T ms_ad function in kclient.
Now, my employeer has swithced to a win2008 AD server, and I'm not able to join the domain anymore. Do anyone have any hints/workarounds? #kclient -n -R AD.MYDOMAIN.NO -a admuser -T ms_ad Starting client setup --------------------------------------------------- Setting up /etc/krb5/krb5.conf. Attempting to join 'MYMACHINE' to the 'AD.MYDOMAIN.NO' domain. Password for admuser at AD.MYDOMAIN.NO: ldap_sasl_interactive_bind_s: Strong authentication required ldap_sasl_interactive_bind_s: additional info: 00002028: LdapErr: DSID-0C0901FC, comment: The server requires binds to turn on integrity checking if SSL\TLS are not already active on the connection, data 0, v1db0 Can't find forest. --------------------------------------------------- Setup FAILED. # the user "admuser" has permissons to do this, and the password is correct. I think I need somehow to tell kclient to use LDAP/TLS and LDAP simple BIND instead of SASL, it might work, but how??? -espenM -- This message posted from opensolaris.org
