[Samba] Problem Joining a ubuntu 12.04+samba to a W2k DC
L.P.H. van Belle
belle at bazuin.nl
Fri Feb 21 08:14:21 MST 2014
Hai,
Why are you using an IP blok which is reserved.
I suggest you first change to a private range and not a public range or do you own this range..
This is asking for problems..
I suggest, you try with this:
1) check time on both servers, and set te same.
2) The realm must be in uppercase or you will get a
“Cannot find KDC for requested realm while getting initial credentials” error (Kerberos is case-sensitive!).
but i see all CAPS in your config, but not with the join.
join with : ( this is a join as DC, but look at this and what you typed.
sudo samba-tool domain join FAMILY.LOCAL DC -Uadministrator --realm=FAMILY.LOCAL
change in your hosts file :
127.0.0.1 CHILD-SERVER CHILD-SERVER.FAMILY.LOCAL localhost
TO
127.0.0.1 localhost localhost.localdomain localhost.FAMILY.LOCAL
and you can try, below, but should not be needed.
krb5.conf
[libdefaults]
default_realm = FAMILY.LOCAL
ticket_lifetime = 24000
clock_skew = 300
default_etypes = des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5
Louis
>-----Oorspronkelijk bericht-----
>Van: carlosrpevertsz at gmail.com
>[mailto:samba-bounces at lists.samba.org] Namens Carlos R. Pena
>Verzonden: vrijdag 21 februari 2014 15:56
>Aan: samba at lists.samba.org
>Onderwerp: [Samba] Problem Joining a ubuntu 12.04+samba to a W2k DC
>
>
>Hello to everybody in the forum.
>
>I am trying to join a ubuntu server as a member of a domain controlled
>by a Windows 2000 Server.
>
>When i execute the join the system return de followin error:
>
>sudo net ads join -U administrator
>Enter administrator's password:
>Using short domain name -- FAMILY
>Joined 'CHILD-SERVER' to realm 'Family.local'
>net_update_dns_internal: Failed to connect to our DC!
>DNS update failed!
>
>Can anybody help me? Any ideas?
>
>Sincerely,
>
>Carlos
>
>****************************************************
>Here is the detailed information about my installation.
>
>
>Domain = FAMILY.LOCAL
>
>DC
>Server Name = PARENT-SERVER
>IP = 26.4.0.1
>OS = Windows 2000 Server
>Admin User = administrator
>
>
>Member Server to be Joined to the Domain
>Server Name = CHILD-SERVER
>IP = 26.4.0.2
>OS = Ubuntu 12.04
>Admin User = administrator
>
>
>
>***************************************************************
>**********
>/etc/hosts
>
>127.0.0.1 CHILD-SERVER CHILD-SERVER.FAMILY.LOCAL localhost
>26.4.0.1 PARENT-SERVER PARENT-SERVER.FAMILY.LOCAL
>26.4.0.2 CHILD-SERVER CHILD-SERVER.FAMILY.LOCAL
>
># The following lines are desirable for IPv6 capable hosts
>::1 ip6-localhost ip6-loopback
>fe00::0 ip6-localnet
>ff00::0 ip6-mcastprefix
>ff02::1 ip6-allnodes
>ff02::2 ip6-allrouters
>
>***************************************************************
>***********
>/etc/krb5.conf
>
>[libdefaults]
> default_realm = FAMILY.LOCAL
> ticket_lifetime = 24000
> clock_skew = 300
>
>
>[realms]
> FAMILY.LOCAL = {
> kdc = PARENT-SERVER.FAMILY.LOCAL
> admin_server = PARENT-SERVER.FAMILY.LOCAL
> default_domain = FAMILY.LOCAL
> }
>
>
>[domain_realm]
> .family.local = FAMILY.LOCAL
> family.local = FAMILY.LOCAL
>
>
>***************************************************************
>*****************
>/etc/samba/smb.conf
>
>[global]
> security = ads
> realm = FAMILY.LOCAL
> password server = 26.4.0.1
> workgroup = FAMILY
> server string = %h server (Samba, Ubuntu)
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> winbind enum users = yes
> winbind enum groups = yes
> winbind cache time = 10
> winbind use default domain = yes
>
> client use spnego = yes
> client ntlmv2 auth = yes
> encrypt passwords = true
> restrict anonymous = 2
>
> domain master = no
> local master = no
> preferred master = no
> os level = 0
>
>[OurShare]
> commend = Our Share
> valid users = @FAMILY\PEOPLE, FAMILY/ADMINISTRATOR, administrator
> admin users = FAMILY/ADMINISTRATOR, administrator
> browseable = no
> path = /OurShare
> read only = no
> public = no
> force create mode = 777
> create mask = 777
> security mask = 777
> force security mode = 777
>
> directory mask = 2777
> force directory mode = 2777
> directory security mask = 2777
> force directory security mode = 2777
>
>
>--
>To unsubscribe from this list go to the following URL and read the
>instructions: https://lists.samba.org/mailman/options/samba
>
>
More information about the samba
mailing list