On Fri, 15 Aug 2003, Matthew McCarty wrote: > My goal here is to add my Redhat 9.0 box to the domain and authenticate > to the ADS Win2K domain from my Redhat 9.0 box. > > I have read the user gorup archives,man pages, for smb.conf and winbind, > and I have read Head/3.0 documentation, specifically this part is where > I started: > > http://us3.samba.org/samba/devel/docs/html/Samba-HOWTO-Collection.html#ads-member > > The docs are sadly not complete....
Then please tell us precisely what is missing! By saying that it's incomplete you are doing those of us who want to help you a disservice. For goodness sake tell us where it is incomplete and do not leave us in no mans land! Have you checked CVS as of about 1 hour ago? Samba3-rc1 has just been cut from the code tree - this means that if it is incomplete you have NO chance of getting this fixed for RC1. Had you told us what is missing you might have stood a chance of having complete documentation. Sorry, the ball is in your court. > > Anyway I am able to get wbinfo -u and wbinfo -g to work and of course I > joined the domain correctly. I can see the Redhat box in Network > neighborhood and in AD. I get the following error from wbinfo -t: > > checking the trust secret via RPC failed > error code was NT_STATUS_UNSUCCESFUL (0x0000001) > Could not check secret > > And when I try a wbinfo -a it fails with: > > error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e) > error message was: No logon servers > Could not authenticate...... So please send us a complete step by step list of exactly what you did. > > I ran across a newsgroup entry from June with the same problem as above > but there was no conclusion to the matter in the thread. Samba3 has undergone a LOT of change since June. Sorry, this is not necessarily useful information. > > It seems to me that, of course, it can't find the Win2k DC but when I do > a net lookup ldap|kdc everything comes up fine, reverse DNS lookup works > fine as well as forward DNS; AND why does wbinfo -u and -g work if it > can't find the DC? Do you have a network trace (capture from Ethereal) to show us? Have you tried to decode that yourself? Do you have a log level 10 log file to send us? Have you looked through that yourself? > > Anyway I am stuck here -- any help would be appreciated. Well, oddly enough, that's what we are trying to give you. :) > > Here is the relevant smb.conf entries: > > workgroup = mydoamin.com > realm = mydoamin.com > security = ads > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind enum users = yes > winbind enum groups = yes > winbind use default domain = yes > template homedir = /home/%U > template shell = /bin/bash > name resolve order = hosts wins lmhosts bcast > create mode = 700 > directory = 700 > password server = * > encrypt passwords = yes - John T. -- John H Terpstra Email: [EMAIL PROTECTED] -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
