cannot ADS join
trunks at dei.unipd.it
trunks at dei.unipd.it
Mon Jan 28 02:17:05 GMT 2002
Hi to everyone,
I'm trying to use samba-3.0-alpha13 to join a Samba client to a windows 2000
domain.
I did "kinit administrator at COPERNICO.ESU" and then I did "net ads join -U
administrator" but I got this:
[root at tsunami source]# net ads join -U administrator
administrator password:
[2002/01/28 11:02:23, 0] libads/ldap.c:ads_join_realm(324)
Host account for tsunami already exists - deleting for readd
[2002/01/28 11:02:24, 0] libads/ldap.c:ads_join_realm(335)
ads_add_machine_acct: Insufficient access
ads_join_realm: Insufficient access
Note that if I created an account on server I can delete them.
If anyone need to know klist entries here they are:
root at tsunami source]# klist -5 -e -f
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator at COPERNICO.ESU
Valid starting Expires Service principal
01/28/02 11:02:23 01/28/02 20:58:40 krbtgt/COPERNICO.ESU at COPERNICO.ESU
Flags: IA, Etype (skey, tkt): DES cbc mode with RSA-MD5, DES cbc mode
with RSA-MD5
01/28/02 10:58:40 01/28/02 20:58:40 ldap/francesca at COPERNICO.ESU
Flags: A, Etype (skey, tkt): DES cbc mode with RSA-MD5, DES cbc mode
with RSA-MD5
01/28/02 10:58:40 01/28/02 20:58:40 ldap/francesca at COPERNICO.ESU
Flags: A, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode
with CRC-32
This is my smb.conf file:
realm = COPERNICO.ESU
ads server = francesca.copernico.esu
security = ADS
encrypt passwords = yes
workgroup = COPERNICO
log level = 1
syslog = 1
At last, I can run smbclient with "-k" options. For example
smbclient \\\\emanuela\\C\$ -k
(Emanuela is another machine in the domain)
run correctly.
On target machine I have
Z:\>klist tickets
Cached Tickets: (5)
Server: krbtgt/COPERNICO.ESU at COPERNICO.ESU
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 1/28/2002 20:43:41
Renew Time: 2/4/2002 10:43:41
Server: krbtgt/COPERNICO.ESU at COPERNICO.ESU
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 1/28/2002 20:43:41
Renew Time: 2/4/2002 10:43:41
Server: FRANCESCA$@COPERNICO.ESU
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 1/28/2002 20:43:41
Renew Time: 2/4/2002 10:43:41
Server: ldap/francesca.copernico.esu/copernico.esu at COPERNICO.ESU
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 1/28/2002 20:43:41
Renew Time: 2/4/2002 10:43:41
Server: EMANUELA$@COPERNICO.ESU
KerbTicket Encryption Type: RSADSI RC4-HMAC(NT)
End Time: 1/28/2002 20:43:41
Renew Time: 2/4/2002 10:43:41
and on Tsunami I have
[root at tsunami /root]# klist -5 -e -f
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: administrator at COPERNICO.ESU
Valid starting Expires Service principal
01/28/02 11:02:23 01/28/02 20:58:40 krbtgt/COPERNICO.ESU at COPERNICO.ESU
Flags: IA, Etype (skey, tkt): DES cbc mode with RSA-MD5, DES cbc mode
with RSA-MD5
01/28/02 10:58:40 01/28/02 20:58:40 ldap/francesca at COPERNICO.ESU
Flags: A, Etype (skey, tkt): DES cbc mode with RSA-MD5, DES cbc mode
with RSA-MD5
01/28/02 10:58:40 01/28/02 20:58:40 ldap/francesca at COPERNICO.ESU
Flags: A, Etype (skey, tkt): DES cbc mode with CRC-32, DES cbc mode
with CRC-32
01/28/02 11:05:29 01/28/02 20:58:40 emanuela$@COPERNICO.ESU
Flags: A, Etype (skey, tkt): DES cbc mode with RSA-MD5, DES cbc mode
with RSA-MD5
Can anybody help me?
Thanks
More information about the samba-technical
mailing list