I figured it out. I had changed my hostname after winbind started. All I needed to do was restart winbind (svcadm restart winbind).
Hopefully this will help someone else in the future... On Thu, Nov 13, 2008 at 5:45 PM, William Usher <[EMAIL PROTECTED]> wrote: > Hi all, > I'm not having any success adding samba (3.0.28 on Solaris 10) to a Windows > AD server (2003 R2) per the instructions here: (In addition to much > googling) > http://us3.samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm > > The error is: > bash-3.00# /usr/sfw/sbin/net ads join -U Administrator > Administrator's password: > Using short domain name -- BETA > Failed to set servicePrincipalNames. Please ensure that > the DNS domain of this server matches the AD domain, > Or rejoin with using Domain Admin credentials. > Deleted account for 'SOLARIS' in realm 'BETA.LOCAL' > Failed to join domain: Type or value exists > > > Thanks for you help. More information below. > > Windows AD domain name: beta.local > > Background: > bash-3.00# hostname > solaris > bash-3.00# domainname > beta.local > > smb.conf --------------------------------- > > [global] > log level = 1 > syslog = 0 > log file = /var/log/samba/%m > max log size = 50 > idmap uid = 10000-20000 > idmap gid = 10000-20000 > winbind separator = + > workgroup = beta > server string = Samba > security = ADS > > ----------------------------------------- > > /etc/krb5/krb5.conf-------------- > [libdefaults] > default_realm = BETA.local > > [realms] > BETA.local = { > kdc = will-ea96ec1f1e.beta.local: > default_domain = beta.local > } > > [domain_realm] > BETA.local = BETA.local > .BETA.local = BETA.local > > [logging] > default = FILE:/var/krb5/kdc.log > kdc = FILE:/var/krb5/kdc.log > kdc_rotate = { > > period = 1d > > versions = 10 > } > > [appdefaults] > kinit = { > renewable = true > forwardable= true > } > gkadmin = { > help_url = > http://docs.sun.com:80/ab2/coll.384.1/SEAM/@AB2PageView/1195 } > ----------------------------------------------- > > > ==================================================================== > bash-3.00# /usr/sfw/sbin/net ads join -U Administrator -d3 > [2008/11/13 17:43:35, 3] param/loadparm.c:(5031) > lp_load: refreshing parameters > [2008/11/13 17:43:35, 3] param/loadparm.c:(1430) > Initialising global parameters > [2008/11/13 17:43:35, 3] param/params.c:(572) > params.c:pm_process() - Processing configuration file "/etc/sfw/smb.conf" > [2008/11/13 17:43:35, 3] param/loadparm.c:(3770) > Processing section "[global]" > [2008/11/13 17:43:35, 2] lib/interface.c:(81) > added interface ip=192.168.0.10 bcast=192.168.0.255 nmask=255.255.255.0 > [2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:35, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > Administrator's password: > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(593) > ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache file > found) > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(1509) > Connecting to host=will-ea96ec1f1e.beta.local > [2008/11/13 17:43:41, 3] lib/util_sock.c:(874) > Connecting to 192.168.0.1 at port 445 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(793) > Doing spnego session setup (blob length=115) > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(826) > got [EMAIL PROTECTED] > [2008/11/13 17:43:41, 2] libsmb/cliconnect.c:(613) > Doing kerberos session setup > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \lsarpc > fnum 0x4003 bind request returned ok. > [2008/11/13 17:43:41, 3] rpc_parse/parse_lsa.c:(224) > lsa_io_sec_qos: length c does not match size 8 > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \samr fnum > 0x4004 bind request returned ok. > Using short domain name -- BETA > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(1509) > Connecting to host=will-ea96ec1f1e.beta.local > [2008/11/13 17:43:41, 3] lib/util_sock.c:(874) > Connecting to 192.168.0.1 at port 445 > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \NETLOGON > fnum 0x4003 bind request returned ok. > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \NETLOGON > fnum 0x4004 bind request returned ok. > Failed to set servicePrincipalNames. Please ensure that > the DNS domain of this server matches the AD domain, > Or rejoin with using Domain Admin credentials. > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489) > get_dc_list: preferred server list: "192.168.0.1, *" > [2008/11/13 17:43:41, 3] libads/ldap.c:(394) > Connected to LDAP server 192.168.0.1 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libads/sasl.c:(213) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libads/sasl.c:(222) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(1509) > Connecting to host=will-ea96ec1f1e.beta.local > [2008/11/13 17:43:41, 3] lib/util_sock.c:(874) > Connecting to 192.168.0.1 at port 445 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(793) > Doing spnego session setup (blob length=115) > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 48018 1 2 2 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 113554 1 2 2 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 2 840 113554 1 2 2 3 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(818) > got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(826) > got [EMAIL PROTECTED] > [2008/11/13 17:43:41, 2] libsmb/cliconnect.c:(613) > Doing kerberos session setup > [2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration > Fri, 14 Nov 2008 03:43:38 EST > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \lsarpc > fnum 0x4005 bind request returned ok. > [2008/11/13 17:43:41, 3] rpc_parse/parse_lsa.c:(224) > lsa_io_sec_qos: length c does not match size 8 > [2008/11/13 17:43:41, 3] rpc_client/cli_pipe.c:(2081) > rpc_pipe_bind: Remote machine will-ea96ec1f1e.beta.local pipe \samr fnum > 0x4007 bind request returned ok. > [2008/11/13 17:43:41, 3] libads/ldap.c:(3002) > ldap_delete_ext_s succeeded with error code 0 > Deleted account for 'SOLARIS' in realm 'BETA.LOCAL' > Failed to join domain: Type or value exists > [2008/11/13 17:43:41, 2] utils/net.c:(1036) > return code = -1 > bash-3.00# > > ===================================== > > -- > -Will > -- -Will -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
