[Samba] Centos 3.5/Debian 3.1 - Join to ADS (2003+SP1 mixed) Hang
Forever
Cesar Lagarrigue
clagarrigue at bee.cl
Thu Aug 25 17:50:18 GMT 2005
Hello :
I tried to join to my active directory, i run the follow command, i read
all hit into google about this and "all" howto on the google "how join a
linux to a active directory"....and all possible combination of words
about the last error, i found other people with the same error...but not
solution.
I tried into Debian (3.0.14a) and Centos(3.0.14a and 3.0.20 manual
compiled), both with krb5(1.2.7 and 1.4.2 manual compiled) /
openldap-2.0.27, libs, and servers, workstation,etc.
#net ads join -Uadministrator%password -d 10
...
[2005/08/25 13:14:38, 5] libads/ldap_utils.c:ads_do_search_retry(56)
Search for (objectclass=*) gave 1 replies
(Hang forever)
Please i have spend a lot of time... but not have any clue....if this
have solution i like to put a proxy squid with autentication
(http://mkeadle.org/index.php?p=13)
attach Configurations....
[root at wks024 bin]# ./kinit username at ADS.LOCAL
Password for username at ADS.LOCAL:
[root at wks024 bin]# ./klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: username at ADS.LOCAL
Valid starting Expires Service principal
08/25/05 13:33:06 08/25/05 23:33:48 krbtgt/ADS.LOCAL at ADS.LOCAL
renew until 08/26/05 13:33:06
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[root at wks024 bin]#
/etc/krb5.conf
[libdefaults]
default_realm = ADS.LOCAL
clockskew = 300
[realms]
BEE.CL = {
kdc = beesafe
default_domain = ADS.LOCAL
kpasswd_server = beesafe
}
[domain_realm]
.ADS.LOCAL = ADS.LOCAL
smb.conf
[global]
workgroup = ADS@
netbios name = WKS024
realm = ADS.LOCAL
password server = 10.0.0.1
server string = Servidor Pruebas
security = ads
encrypt passwords = Yes
log file = /var/log/samba/%m.log
max log size = 0
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
preferred master = False
local master = No
domain master = False
dns proxy = No
wins server = 10.0.0.1
winbind separator = /
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
idmap uid = 10000-20000
idmap gid = 10000-20000
The all log are this :
[2005/08/25 13:14:38, 5] lib/debug.c:debug_dump_status(368)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
[2005/08/25 13:14:38, 3] param/loadparm.c:lp_load(4082)
lp_load: refreshing parameters
[2005/08/25 13:14:38, 3] param/loadparm.c:init_globals(1366)
Initialising global parameters
[2005/08/25 13:14:38, 3] param/params.c:pm_process(574)
params.c:pm_process() - Processing configuration file
"/etc/samba/smb.conf"
[2005/08/25 13:14:38, 3] param/loadparm.c:do_section(3542)
Processing section "[global]"
doing parameter netbios name = WKS024
[2005/08/25 13:14:38, 4] param/loadparm.c:handle_netbios_name(2881)
handle_netbios_name: set global_myname to: WKS024
doing parameter realm = ADS.LOCAL
doing parameter password server = 10.0.0.1
doing parameter server string = Servidor Pruebas Kerberos
doing parameter security = ads
doing parameter encrypt passwords = Yes
doing parameter log file = /var/log/samba/%m.log
doing parameter max log size = 0
doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
doing parameter preferred master = False
doing parameter local master = No
doing parameter domain master = False
doing parameter dns proxy = No
doing parameter wins server = 10.0.0.1
doing parameter winbind separator = /
doing parameter winbind enum users = yes
doing parameter winbind enum groups = yes
doing parameter winbind use default domain = yes
doing parameter idmap uid = 10000-20000
doing parameter idmap gid = 10000-20000
[2005/08/25 13:14:38, 4] param/loadparm.c:lp_load(4113)
pm_process() returned Yes
[2005/08/25 13:14:38, 7] param/loadparm.c:lp_servicenumber(4226)
lp_servicenumber: couldn't find homes
[2005/08/25 13:14:38, 10] param/loadparm.c:set_server_role(4031)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UCS-2LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UCS-2LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UTF-16LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UTF-16LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UCS-2BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UCS-2BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UTF-16BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UTF-16BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UTF8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UTF8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UTF-8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UTF-8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset ASCII
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset ASCII
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset 646
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset 646
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset ISO-8859-1
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset ISO-8859-1
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
Attempting to register new charset UCS2-HEX
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
Registered charset UCS2-HEX
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/util.c:init_names(260)
Netbios name list:-
my_netbios_names[0]="WKS024"
[2005/08/25 13:14:38, 2] lib/interface.c:add_interface(81)
added interface ip=10.0.0.11 bcast=10.0.0.155 nmask=255.255.255.0
[2005/08/25 13:14:38, 6] libads/ldap.c:ads_find_dc(214)
ads_find_dc: looking for realm 'ADS.LOCAL'
[2005/08/25 13:14:38, 8] libsmb/namequery.c:get_sorted_dc_list(1433)
get_sorted_dc_list: attempting lookup using [ads]
[2005/08/25 13:14:38, 10] libsmb/namequery.c:remove_duplicate_addrs2(320)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/08/25 13:14:38, 4] libsmb/namequery.c:get_dc_list(1406)
get_dc_list: returning 1 ip addresses in an ordered list
[2005/08/25 13:14:38, 4] libsmb/namequery.c:get_dc_list(1407)
get_dc_list: 10.0.0.1:389
[2005/08/25 13:14:38, 5] libads/ldap.c:ads_try_connect(123)
ads_try_connect: trying ldap server '10.0.0.1' port 389
[2005/08/25 13:14:38, 3] libads/ldap.c:ads_connect(285)
Connected to LDAP server 10.0.0.1
[2005/08/25 13:14:38, 3] libads/ldap.c:ads_server_info(2514)
got ldap server name ADSserver at ADS.LOCAL, using bind path: dc=ADS,dc=LOCAL
[2005/08/25 13:14:38, 4] libads/ldap.c:ads_server_info(2520)
time offset is 37 seconds
[2005/08/25 13:14:38, 4] libads/sasl.c:ads_sasl_bind(451)
Found SASL mechanism GSS-SPNEGO
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(215)
ads_sasl_spnego_bind: got server principal name =ADSserver$@ADS.LOCAL
[2005/08/25 13:14:38, 3] libsmb/clikrb5.c:ads_krb5_mk_req(384)
ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2005/08/25 13:14:38, 4] libsmb/clikrb5.c:ads_krb5_mk_req(400)
ads_krb5_mk_req: Advancing clock by 37 seconds to cope with clock skew
[2005/08/25 13:14:38, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(321)
Ticket in ccache[MEMORY:net_ads] expiration Thu, 25 Aug 2005 23:15:15 GMT
[2005/08/25 13:14:38, 10] libsmb/clikrb5.c:ads_krb5_mk_req(411)
ads_krb5_mk_req: Ticket (ADSserver$@ADS.LOCAL) in ccache
(MEMORY:net_ads) is valid
until: (Thu, 25 Aug 2005 23:15:15 GMT - 1125026115)
[2005/08/25 13:14:38, 10] libsmb/clikrb5.c:get_krb5_smb_session_key(512)
Got KRB5 session key of length 16
[2005/08/25 13:14:38, 10] lib/util.c:name_to_fqdn(2669)
name_to_fqdn: lookup for wks024 -> wks024.ADS.LOCAL.
[2005/08/25 13:14:38, 0] libads/ldap.c:ads_add_machine_acct(1400)
ads_add_machine_acct: Host account for wks024 already exists -
modifying old a
ccount
[2005/08/25 13:14:38, 5] libads/ldap_utils.c:ads_do_search_retry(56)
Search for (objectclass=*) gave 1 replies
More information about the samba
mailing list