I'm having trouble adding a samba member server to a Windows Active Directory domain.
samba server is version 3.0.28 compiled with ads support on Debian Sarge. I've read the Samba ADS Domain Membership HOWTO and followed it as best I could. I am successful authenticating with kinit -V [EMAIL PROTECTED] Password for [EMAIL PROTECTED]: Authenticated to Kerberos v5 Very minimal smb.conf [Global] workgroup = MY realm = MY.DOMAIN.NET security = ADS password server = dc1.my.domain.net I'm trying to add the server with the command: net ads -d 2 join -U [EMAIL PROTECTED] The result is lib/interface.c:add_interface(81) added interface ip=192.168.15.10 bcast=192.168.15.127 mask=255.255.255.128 [EMAIL PROTECTED]'s password: libsmb/cliconnect.c:cli_session_setup_kerberos(613) Doing kerberos session setup Using short domain name -- MY rpc_client/cli_pipe.c:cli_rpc_pipe_open(2222) cli_rpc_pipe_open: cli_nt_create failed on pipe \NETLOGON to machine DC1.MY.DOMAIN.NET. Error was NT_STATUS_ACCESS_DENIED utils/net_rpc_join.c:net_rpc_join_ok(70) net_rpc_join_ok: failed to get schannel session key from server INPPWOADC1.MY.DOMAIN.NET for domain NPS. Error was NT_STATUS_ACCESS_DENIED Failed to verify membership in domain! Failed to join domain: Success utils/net.c:main(1036) return code = -1 A few things to note: This is in a very large domain. I do not have Administrator access to a domain controller. I can only add computers to my OU. The member server account already exists on the server. My OU for computers is my.domain.net/PWR/A and B Network/HQ10/Computers I've seen reference in the HOWTO for adding to a specific OU with net ads join "Computers/BusinessUnit/Department/Servers" but I'm not sure if the spaces in my OU "A and B Network" are causing problems. When I use the command with the OU I get Bad option: /PWR/A and B Network/HQ10/Computers Failed to join domain: Invalid parameter I've tried different ways of escaping the spaces but I'm not even sure if that's even the problem. Any suggestions would be greatly appreciated. Mike -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
