[Samba] Unable to join ADS domain

Joe Howell jhowell_tsm at yahoo.com
Wed Feb 11 19:05:54 GMT 2004 

I've installed Samba 3.0.2 (from the source) on a SuSE
8.2 system with MIT Kerberos 1.3.1 (I uninstalled the
Heimdal code) and the OpenLDAP 2.1.27 development
libraries installed on it.  I want to make this system
a domain member of a Win2K native-mode ADS domain but
can't get "net ads join" to work.  I've run "kinit
myid at MYDOMAIN.COM" and I get at ticket, but when I do
"net ads join -Umyid%mypswd" I get no output from the
command and I don't get a machine account in the
domain.

My /etc/krb5.conf looks like:
logging]
        default = FILE:/var/log/krb5libs.log
        kdc = FILE:/var/log/krb5kdc.log
        admin_server = FILE:/var/log/kadmind.log

[libdefaults]
        default_realm =MYDOMAIN.COM
        clockskew = 300
        default_tkt_enctypes = des-cbc-crc des-cbc-md5
        default_tgs_enctypes = des-cbc-crc des-cbc-md5

[realms]
        MYDOMAIN.COM = {
                kdc = DCSRV1.MYDOMAIN.COM:88
                admin_server = dcsrv1.mydomain.com:749
                default_domain = mydomain.com
        }
[domain_realm]
        .mydomain.com = MYDOMAIN.COM
        mydomain.com = MYDOMAIN.COM


My /usr/local/samba/lib/smb.conf looks like:

[global]
        realm = MYDOMAIN.COM
        security = ads
        password server = 10.4.1.13
        workgroup = MYDOMAIN
        netbios name = susesrv
        server string = SAMBA SERVER
        encrypt passwords = yes

        printcap name = /etc/printcap
        load printers = yes
        printing = cups

        log file = /var/log/samba/%m.log
        max log size = 10000

        socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192

        local master = no
        domain master = no
        preferred master = no
        wins server = 10.4.1.60
        dns proxy = no

#===============SHARE
DEFINITIONS=======================

[public]
        path = /usr/public
        browseable = yes
        writeable = yes
        guest ok = no

[printers]
        path = /var/spool/samba
        browseable = yes
        writeable = no
        guest ok = yes
        printable = yes

.COM
        security = ads
        password server = 10.4.1.13
        workgroup = COLUMBIA
        netbios name = susesrv
        server string = IBM Aptiva in Joe's cube
        encrypt passwords = yes

        printcap name = /etc/printcap
        load printers = yes
        printing = cups

        log file = /var/log/samba/%m.log
        max log size = 10000

        socket options = TCP_NODELAY SO_RCVBUF=8192
SO_SNDBUF=8192

        local master = no
        domain master = no
        preferred master = no
        wins server = 10.4.1.60
        dns proxy = no

#===============SHARE
DEFINITIONS=======================

[public]
        path = /usr/public
        browseable = yes
        writeable = yes
        guest ok = no

[printers]
        path = /var/spool/samba
        browseable = yes
        writeable = no
        guest ok = yes
        printable = yes



=====
Joe Howell
Shelter Insurance Companies
Columbia, MO

__________________________________
Do you Yahoo!?
Yahoo! Finance: Get your refund fast by filing online.
http://taxes.yahoo.com/filing.html

More information about the samba mailing list