The problem is that Kerberos can only deal with flatname space to function so you cannot have subdomain.domain.com as the Linux server name in DNS. Changing that solved this for me.
-----Original Message----- From: Calderon, Willy (NIH/NINDS) [C] Sent: Monday, January 28, 2008 7:58 PM To: Guillermo Gutierrez; samba@lists.samba.org Subject: RE: [Samba] joining an AD Thanks. I keep getting this error every time I log in now with the options you've given below [2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521) Found SASL mechanism GSS-SPNEGO [2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610) ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew [2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Tue, 29 Jan 2008 05:50:25 EST Bad option: SEVERN Failed to join domain: Invalid parameter [2008/01/28 19:49:22, 2] utils/net.c:main(1032) return code = -1 * * * * Willy Calderon Contractor - LCG Systems Unix Systems Administrator Bldg. 10, NIH/NINDS Tel: 301 435 1913 -----Original Message----- From: Guillermo Gutierrez [mailto:[EMAIL PROTECTED] Sent: Mon 1/28/2008 4:57 PM To: Calderon, Willy (NIH/NINDS) [C]; samba@lists.samba.org Subject: RE: [Samba] joining an AD Whoops, The trailing (") should be at the end of the OU path, in your case after the 'AD'. The computername is a separate value that you are feeding it. net ads join createcomputer="Servers/Windows/Computers/AD" computername -----Original Message----- From: Calderon, Willy (NIH/NINDS) [C] [mailto:[EMAIL PROTECTED] Sent: Monday, January 28, 2008 1:59 PM To: Guillermo Gutierrez; samba@lists.samba.org Subject: RE: [Samba] joining an AD Is there a trailing quote (") after computer name ? * * * * Willy Calderon Contractor - LCG Systems Tel: 301 435 1913 -----Original Message----- From: Guillermo Gutierrez [mailto:[EMAIL PROTECTED] Sent: Monday, January 28, 2008 4:45 PM To: Calderon, Willy (NIH/NINDS) [C]; samba@lists.samba.org Subject: RE: [Samba] joining an AD You have to use the "createcomputer" parameter if you want to specify the OUs. Ex: net ads join createcomputer="Servers/Windows/Computers/AD computername -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Calderon, Willy (NIH/NINDS) [C] Sent: Monday, January 28, 2008 1:17 PM To: samba@lists.samba.org Subject: [Samba] joining an AD Hi there - I am trying to join the domain using the net ads join command but keep getting a " Bad option: Servers/Windows/Computers/AD Failed to join domain: Invalid parameter when I try to add the computer into the correct OU like so: net ads join "Servers/Windows/Computers/AD Is there a correct way to get this to work? I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4 -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba