Has anyone had any success using net ads join to create a new service principal and join Active Directory using samba 3.5.8. This works fine in 3.0.35 but I'm not able to get a working create/join with 3.5.8
In samba 3.0.35 (on a host which is already allowing kerberised loginsvia AD), the following works: net ads join createupn='CIFS/host.domain.com' \ createcomputer='path/to/principal/' -U myadlogin After upgrading and restarting, samba works fine but deleting the AD service principal and samba/private files to reconfigure, the net join fails: # net ads join createupn='CIFS/smbtest.uk.domain.com' createcomputer='MITKerberos/Services' -U myadlogin Enter myadlogin's password: Failed to join domain: failed to precreate account in ou MITKerberos/Services: Invalid DN syntax The OU exists in AD (and works for earlier samba versions). Looking at net ads join output with -d 99, it looks like the net command isn't passing the netbios name through? [2012/02/09 15:45:29.014700, 1] libnet/libnet_join.c:1978() libnet_Join: libnet_JoinCtx: struct libnet_JoinCtx out: struct libnet_JoinCtx account_name : NULL netbios_domain_name : 'AAA' dns_domain_name : 'aaa.ads.domain.com' forest_name : 'ADS.DOMAIN.COM' dn : NULL domain_sid : * domain_sid : S-1-5-21-1606980848-1965331169-1417001333 modified_config : 0x00 (0) error_string : 'failed to precreate account in ou MITKerberos/Services: Invalid DN syntax' domain_is_ad : 0x01 (1) result : WERR_DEFAULT_JOIN_REQUIRED [2012/02/09 15:45:29.014909, 10] intl/lang_tdb.c:138() lang_tdb_init: /usr/lib/samba/en_GB.UTF-8.msg: No such file or directory Failed to join domain: failed to precreate account in ou MITKerberos/Services: Invalid DN syntax [2012/02/09 15:45:29.015245, 2] utils/net.c:916() return code = -1 The smb.conf for this is as follows [global] server string = SMBTEST Samba Server security = ADS realm = AAA.ADS.DOMAIN.COM netbios name = SMBTEST workgroup = AAA interfaces = SMBTEST.uk.domain.com bind interfaces only = Yes log level = 3 log file = /var/samba/log/log.%m max log size = 128 socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536 SO_KEEPALIVE nis homedir = No hide dot files = Yes wide links = No local master = No domain master = No preferred master = No os level = 0 [homes] comment = Home Directories browseable = yes public = no writable = yes Anyone have any pointers on how to create principles and join AD using 3.5.8 or any ideas of relevant changes between 3.0.35 and 3.5.8 that might explain this? Regards Paul -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
