Well, there has been no response to this problem yet. However, i have stumbled upon the solution myself. I am posting it in the hope that the solution is archived so others may see it.
As previously posted, this command gives an error: # /usr/local/samba/bin/net ads join -U Cowles-Admin Cowles-Admin's password: [2004/06/16 09:49:33, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for cowl-backup already exists - modifying old account [2004/06/16 09:49:33, 0] libads/ldap.c:ads_join_realm(1336) ads_add_machine_acct: No such object ads_join_realm: No such object However, if the OU that the pre-existing machine account is appended to the command line, it works: # /usr/local/samba/bin/net ads join -U Cowles-Admin \ "Cowles Library\Computers\testing" Cowles-Admin's password: [2004/06/16 09:51:21, 0] libads/ldap.c:ads_add_machine_acct(1006) Host account for cowl-backup already exists - modifying old account Using short domain name -- DRAKE Joined 'COWL-BACKUP' to realm 'DRAKE.EDU' I haven't done any testing yet, but so far it looks OK. On Tuesday 15 June 2004 09:31 am, Daniel Ramaley wrote: >I have a very similar problem. I just joined the list yesterday with > the intent of asking about it, after failure to find a solution via > Google. Here's the info on the problem: > >I have Samba 3.0.4 compiled from source running on OpenBSD 3.5. >Cowles-Admin is the name of a user that has administrative access to > an OU. I do not have administrator access to the entire Active > Directory tree. I created a computer account in Active Directory > called cowl-backup that the Samba server should use. > >For now i've been working with a fairly simple smb.conf: >[global] > workgroup = DRAKE > realm = DRAKE.EDU > netbios name = cowl-backup > security = ads > password server = * > encrypt passwords = yes > private dir = /etc/samba/private > >I believe i have Kerberos set up correctly since the command > # /usr/local/kerberos/bin/kinit [EMAIL PROTECTED] >runs just fine and after running it i can use smbclient to browse > shares without bring prompted for a password. For example, this > command to connect to Cowles-Admin's profile share works correctly: > # /usr/local/samba/bin/smbclient '\\Cowles-Library\Cowles-Admin' \ > -U Cowles-Admin -k > >I've created an account for the computer (cowl-backup) in AD. When i > try to join i get an error. Here's what happens: > # /usr/local/samba/bin/net ads join -U Cowles-Admin > Cowles-Admin's password: > [2004/06/14 09:56:02, 0] libads/ldap.c:ads_add_machine_acct(1006) > Host account for cowl-backup already exists - modifying old > account > [2004/06/14 09:56:02, 0] libads/ldap.c:ads_join_realm(1336) > ads_add_machine_acct: No such object > ads_join_realm: No such object >Using Google i was able to find a few others who had this problem, but >no solution. If anyone here knows how to fix this, i would appreciate >knowing about it. Thanks in advance. > >On Monday 14 June 2004 05:50 pm, M Maki wrote: >>I'm trying to join a Samba 3.0.4 (compiled from source on Debian) to >> an Active Directory as a member server. I believe Kerberos is >> configured correctly as kinit creates a ticket for the realm. >> Executables appear to have support for Kerberos and LDAP (smbd -b | >> grep KRB and grep LDAP) return OK. >> >>When I try to join the AD with >> net ads join -U myadminusername >>I'm prompted for my password but then get: >> libads/ldap.c:ads_add_machine_acct(1006) >> Host account for inpsamo-debian already exists - modifying old >> account libads/ldap.c:ads_join_realm(1336) >> ads_add_machine_acct: No such object >> ads_join_realm: No such object >> >>I only have admin rights for an ou of the Active Directory. Here is a >> Windows LDP search of my ou: >> >>ldap_search_s(ld, "DC=pwr,DC=int,DC=edited,DC=com", 2, "(ou=SAMO)", >> attrList, 0, &msg) >>Result <0>: (null) >>Matched DNs: >> >>Getting 1 entries: >>>> Dn: OU=SAMO,OU=Mediterranean Coast >> >>Network,OU=PWR,DC=pwr,DC=int,DC=edited,DC=com >> 2> objectClass: top; organizationalUnit; >> 1> ou: SAMO; >> 1> description: SAMO; >> 1> distinguishedName: OU=SAMO,OU=Mediterranean Coast >>Network,OU=PWR,DC=pwr,DC=int,DC=edited,DC=com; >> 1> name: SAMO; >> 1> canonicalName: pwr.int.edited.com/PWR/Mediterranean Coast >> Network/SAMO; >> >>I guess my question is could it be how my realm is configured >>(PWR.INT.EDITED.COM) or what else could keep me from joining the >> directory? >> >>Current smb.conf: >>[global] >> unix charset = LOCALE >> workgroup = PWR >> realm = PWR.INT.EDITED.COM >> server string = Samba 3.0.2 >> security = ADS >> username map = /etc/samba/smbusers >> log level = 1 >> syslog = 0 >> log file = /var/log/samba/%m >> max log size = 50 >> printcap name = CUPS >> ldap ssl = no >> idmap uid = 10000-20000 >> idmap gid = 10000-20000 >> template primary group = "Domain Users" >> template shell = /bin/bash >> winbind separator = + >> printing = cups >> >>[homes] >> comment = Home Directories >> valid users = %S >> read only = No >> browseable = No >> >>Thanks for any ideas... >> >>Mike > >-- >---------------------------------------------------------------------- >-- Dan Ramaley >Digital Media Library Specialist >(515) 271-1934 >Cowles Library 140, Drake University -- ------------------------------------------------------------------------ Dan Ramaley Digital Media Library Specialist (515) 271-1934 Cowles Library 140, Drake University -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba