RE: [Samba] failed to join domain error - solved
Dear All, googling arround and trying various options finally i mamaged to have my Centos 5.2 server join my win2003AD Server.. really banged my head through but never thought it was so simple it was just basically the correct entries in my hosts n resolv.conf file thnks all, regards simon -Original Message- From: samba-bounces+james_zuelow=ci.juneau.ak...@lists.samba.org [mailto:samba-bounces+james_zuelow=ci.juneau.ak...@lists.samba .org] On Behalf Of Benedict simon Sent: Friday, 27 March, 2009 05:06 To: samba@lists.samba.org Subject: [Samba] failed to join domain error Dear All, I have succesfully managed to have my kerberos configured n working without error when i say kinit Administrator and after entering password i get the # prompt so its works fine now i configured /etc/samba/smb.conf but when i try to join my Win2003 ADS domain server net ads join -U Administrator Administrator's password: [2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286) ads_connect: No logon servers Failed to join domain: No logon servers thnks and Regards Simon -- Network ADMIN - KUWAIT MUNICIPALITY: I just had a host do this recently, using Samba 3.2.5-4 Debian. DNS was working fine, kerberos was working fine, but for some reason net ads join didn't want to work. I resolved it by putting an entry for a domain controller into /etc/hosts. After that net ads join worked fine. James ZuelowCBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Thanks and really apprecite your quick reply by the way i do have a entry in my hosts file 172.16.2.227BALADIA.LOCAL also the realm was different from my krb5.conf file i think since i was jus tryin options so now the realm i have corrected and my realm in smb.conf n krb5.conf is the same also when i run net ads info it gives me -- Failed to get server's current time! LDAP server: 172.16.2.227 LDAP server name: kmun.baladia.local Realm: BALADIA.LOCAL Bind Path: dc=BALADIA,dc=LOCAL LDAP port: 389 Server time: Thu, 01 Jan 1970 03:00:00 AST KDC server: 172.16.2.227 Server time offset: 0 again i mention my AD win2003 server domain is BALADIA.LOCAL computer name is kmun ip === 172.16.2.227 apprecite if you could help me with somne suggestions thanks once again regards simon -- Network ADMIN - KUWAIT MUNICIPALITY: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba -- Network ADMIN - KUWAIT MUNICIPALITY: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
[Samba] failed to join domain error
Dear All,
I have succesfully managed to have my kerberos configured n working
without error when i say
kinit Administrator
and after entering password i get the # prompt
so its works fine
my krb5.conf
--
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = BALADIA.LOCAL
dns_lookup_kdc = false
dns_lookup_realm = false
[realms]
BALADIA.LOCAL = {
default_domain = baladia.local
kdc = xx.xx.xx.xx:88
admin_server = xx.xx.xx.xx:749
kdc = KMUN
}
[domain_realm]
baladia.local = BALADIA.LOCAL
klist shows
icket cache: FILE:/tmp/krb5cc_0
Default principal: administra...@baladia.local
Valid starting ExpiresService principal
03/26/09 11:33:04 03/26/09 21:33:18 krbtgt/baladia.lo...@baladia.local
renew until 03/27/09 11:33:04
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
now i configured /etc/samba/smb.conf but when i try to join my Win2003 ADS
domain server
net ads join -U Administrator
Administrator's password:
[2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286)
ads_connect: No logon servers
Failed to join domain: No logon servers
after googling and tryin various options in /etc/samba/smb.conf file here
is the latest smb.conf file
-
[global]
#--authconfig--start-line--
# Generated by authconfig on 2009/03/26 12:50:28
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future
workgroup = BALADIA.LOCAL
; password server = kmun.baladia.local
password server = 172.16.2.227
realm = KMUN.BALADIA.LOCAL
security = ads
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
winbind separator = +
template shell = /bin/bash
winbind use default domain = true
winbind offline logon = false
encrypt passwords = yes
log level = 3
#--authconfig--end-line--
encrypt passwords = yes
dns proxy = no
server string = Samba Server Version %v
os level = 20
client use spnego = no
server signing = auto
--
where i could be goin wrong
i would be thankful and really apprecite your advice for any setting in my
smb.conf file
Is there anything else to check.
really once again apprecite your help and advice
when i run testparam it gives no errors
output of testparm is
--
[r...@testproxy ~]# testparm
Load smb config files from /etc/samba/smb.conf
Processing section [homes]
Processing section [printers]
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions
[global]
workgroup = BALADIA.LOCAL
realm = KMUN.BALADIA.LOCAL
server string = Samba Server Version %v
security = ADS
password server = 172.16.2.227
log level = 3
server signing = auto
client use spnego = No
preferred master = No
dns proxy = No
idmap uid = 16777216-33554431
idmap gid = 16777216-33554431
template shell = /bin/bash
winbind separator = +
winbind use default domain = Yes
[homes]
comment = Home Directories
read only = No
browseable = No
[printers]
comment = All Printers
path = /var/spool/samba
printable = Yes
browseable = No
thnks and Regards
Simon
--
Network ADMIN
-
KUWAIT MUNICIPALITY:
--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/options/samba
RE: [Samba] failed to join domain error
-Original Message- From: samba-bounces+james_zuelow=ci.juneau.ak...@lists.samba.org [mailto:samba-bounces+james_zuelow=ci.juneau.ak...@lists.samba .org] On Behalf Of Benedict simon Sent: Friday, 27 March, 2009 05:06 To: samba@lists.samba.org Subject: [Samba] failed to join domain error Dear All, I have succesfully managed to have my kerberos configured n working without error when i say kinit Administrator and after entering password i get the # prompt so its works fine now i configured /etc/samba/smb.conf but when i try to join my Win2003 ADS domain server net ads join -U Administrator Administrator's password: [2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286) ads_connect: No logon servers Failed to join domain: No logon servers thnks and Regards Simon -- Network ADMIN - KUWAIT MUNICIPALITY: I just had a host do this recently, using Samba 3.2.5-4 Debian. DNS was working fine, kerberos was working fine, but for some reason net ads join didn't want to work. I resolved it by putting an entry for a domain controller into /etc/hosts. After that net ads join worked fine. James ZuelowCBJ MIS (907)586-0236 Network Specialist...Registered Linux User No. 186591 -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Thanks and really apprecite your quick reply by the way i do have a entry in my hosts file 172.16.2.227BALADIA.LOCAL also the realm was different from my krb5.conf file i think since i was jus tryin options so now the realm i have corrected and my realm in smb.conf n krb5.conf is the same also when i run net ads info it gives me -- Failed to get server's current time! LDAP server: 172.16.2.227 LDAP server name: kmun.baladia.local Realm: BALADIA.LOCAL Bind Path: dc=BALADIA,dc=LOCAL LDAP port: 389 Server time: Thu, 01 Jan 1970 03:00:00 AST KDC server: 172.16.2.227 Server time offset: 0 again i mention my AD win2003 server domain is BALADIA.LOCAL computer name is kmun ip === 172.16.2.227 apprecite if you could help me with somne suggestions thanks once again regards simon -- Network ADMIN - KUWAIT MUNICIPALITY: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
