On Tuesday May 24 2005 2:51 pm, Michael Andrewjeski wrote: > Hi List, > > I'm attempting to join a win2k3 domain as a member server with great > difficulty. I've read The HowTo, but am hung when attempting to join the > Domain. I can kinit & klist Which seems good, but the ads join fails. > > Can someone help me understand what is causing the error listed below? > > Component particulars are: > > RH AS3, samba-3.0.14a compiled from source (./configure > --prefix=/usr/pkg/samba-3.0.14a --with-ads --with-ldap --with-winbind > --with-smb-mount --with-acl-support --with-pam --with-ldapsam) > > RedHat's krb5-*-1.2.7-44.rpm's > > I can send krb5.conf and smb.conf if needed! > > > Here's the command and subsequent > error: > > #net ads join -U'svcSAMBA%xxxxxxxx!' -S sfintra1.AD.CHECKPOINT.COM -d3 > > [2005/05/24 11:33:09, 3] param/loadparm.c:lp_load(3907) > lp_load: refreshing parameters > [2005/05/24 11:33:09, 3] param/loadparm.c:init_globals(1321) > Initialising global parameters > [2005/05/24 11:33:09, 3] param/params.c:pm_process(573) > params.c:pm_process() - Processing configuration file > "/usr/pkg/samba-3.0.14a/lib/smb.conf" [2005/05/24 11:33:09, 2] > lib/interface.c:add_interface(81) > added interface ip=172.16.211.151 bcast=172.16.211.255 > nmask=255.255.255.0 [2005/05/24 11:33:09, 3] libads/ldap.c:ads_connect(285) > Connected to LDAP server 209.87.220.50 > [2005/05/24 11:33:09, 3] libads/ldap.c:ads_server_info(2469) > got ldap server name [EMAIL PROTECTED], using bind path: > dc=AD,dc=CHECKPOINT,dc=COM [2005/05/24 11:33:09, 3] > libads/sasl.c:ads_sasl_spnego_bind(204) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2005/05/24 11:33:09, 3] libads/sasl.c:ads_sasl_spnego_bind(204) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2005/05/24 11:33:09, 3] libads/sasl.c:ads_sasl_spnego_bind(204) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2005/05/24 11:33:09, 3] libads/sasl.c:ads_sasl_spnego_bind(204) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2005/05/24 11:33:09, 3] libads/sasl.c:ads_sasl_spnego_bind(211) > ads_sasl_spnego_bind: got server principal name > [EMAIL PROTECTED] [2005/05/24 11:33:09, 3] > libsmb/clikrb5.c:ads_krb5_mk_req(381) > ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache > found) [2005/05/24 11:33:09, 3] > libsmb/clikrb5.c:ads_cleanup_expired_creds(318) Ticket in > ccache[MEMORY:net_ads] expiration Tue, 24 May 2005 21:33:09 GMT [2005/05/24 > 11:33:09, 1] libads/ldap.c:ads_default_ou_string(1085) Failed while > searching for: > <WKGUID=AA312825768811D1ADED00C04FD8D5CD,dc=AD,dc=CHECKPOINT,dc=COM> > ads_join_realm: Operations error > [2005/05/24 11:33:09, 2] utils/net.c:main(897) > return code = -1 > > Any help greatly appreciated.. > Mike > > Michael Andrewjeski > Unix Administrator > Zone Labs, A Check Point Company > http://www.zonelabs.com > Tel:� 415.633.4769 > Fax:� 415.633.4501
Do post you krb5.conf and smb.conf files. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
