I am having the same exact problem except I am on Fedora Core 1 with Samba 3.0.4. Does the machine already exist in the domain/OU ?
Jack -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Art Fore Sent: Friday, May 21, 2004 1:44 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Suse 9.1 Samba I do not have Administrator password, but I use my logon and password in XP to create an account when I change machine name. Art Shannon Johnson wrote: >Does the user "art_fore" have permission to create accounts on the >Windows server? If not, try the Administrator account and see if that >works... > >____________________________ > >Shannon Johnson >Network Support Specialist / Systems Administrator >Dept. of Mechanical and Nuclear Engineering >224 Reber Building >University Park, PA 16802 >Phone: (814) 865-8267 >____________________________ > > > > >>-----Original Message----- >>From: Art Fore [mailto:[EMAIL PROTECTED] >>Sent: Friday, May 21, 2004 1:13 PM >>To: [EMAIL PROTECTED] >>Subject: [Samba] Suse 9.1 Samba >> >>I have been trying for two weeks to get onto a Win2k domain which has >>active directory with no success. The Suse YAST samba client will not >> >> >do > > >>ADS, only domain, server, or user, so I went to the command line stuff >> >> >I > > >>found the the Samba documentation. >> >>I can do kinit and get back the following: >> >>sha-linux:/etc/samba # kinit [EMAIL PROTECTED] >> >>[EMAIL PROTECTED]'s Password: >> >>kinit: NOTICE: ticket renewable lifetime is 1 week >> >>When I do the net ads join, I get: (I use the same name and password >> >> >in > > >>WinXP, different computer name and it works) >> >>sha-linux:/etc/samba # net ads join -U art_fore >> >>art_fore's password: >> >>[2004/05/20 20:48:47, 0] libads/ldap.c:ads_add_machine_acct(1006) >> >>Host account for sha-linux already exists - modifying old account >> >>[2004/05/20 20:48:47, 0] libads/ldap.c:ads_join_realm(1342) >> >>ads_add_machine_acct: Insufficient access >> >>ads_join_realm: Insufficient access >> >>If I do the klist Tickets, it does not work, so I do klist -T: >> >>sha-linux:/etc/samba # klist -T >> >>Credentials cache: FILE:/tmp/krb5cc_0 >> >>Principal: [EMAIL PROTECTED] >> >>Issued Expires Principal >> >>May 20 21:08:26 May 21 07:08:26 krbtgt/[EMAIL PROTECTED] >> >>Below is the global part of the smb.conf file: >> >>[global] >> >>workgroup = 3MTS >> >>realm = 3MTS.COM >> >>interfaces = 127.0.0.1 eth0 >> >>bind interfaces only = true >> >>printing = cups >> >>printcap name = cups >> >>printer admin = @ntadmin, root, administrator >> >>map to guest = Bad User >> >>security = ADS >> >>encrypt passwords = yes >> >>password server = mailman >> >>idmap uid = 10000-20000 >> >>idmap gid = 10000-20000 >> >>passdb backend = smbpasswd:/etc/samba/smbpasswd >> >>server string = Samba Server >> >>netbios name = sha-linux >> >>add machine script = >> >>domain master = false >> >>domain logons = no >> >>local master = no >> >>preferred master = auto >> >>load printers = no >> >>ldap suffix = dc=com >> >>We use ldap and do not use PAM. Our local win network guru has no idea >>and is of no help. Does anyone have any ideas what the problem is? >>Winbind, smb and nmb are running. >> >>Art >> >> >>-- >>To unsubscribe from this list go to the following URL and read the >>instructions: http://lists.samba.org/mailman/listinfo/samba >> >> > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
