"net ads join" returns confusing message 'Failed to join domain:
Success'
Gerald (Jerry) Carter
jerry at samba.org
Thu Aug 2 17:25:28 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Kurt Pfeifle wrote:
> I spent many hours this afternoon hunting for a bug or a config error
> from my side... but it seems to turn out that everything is OK. See
> yourself:
>
> 17:01 nfsboss: # echo $PS1
> \A \h: #
>
> 17:01 nfsboss: # testparm -vs|grep "log level"
> Load smb config files from /etc/samba/smb.conf
> [....]
> Processing section "[nx-software]"
> Loaded services file OK.
> Server role: ROLE_DOMAIN_MEMBER
> log level = 3
>
> 17:01 nfsboss: # net ads join -W INFOM4 -S 10.162.2.53 -U "Administrator%somepassword"
> Using short domain name -- INFOM4
> [2007/08/02 17:01:53, 0] utils/net_rpc_join.c:net_rpc_join_ok(70)
> net_rpc_join_ok: failed to get schannel session key from server PWC03.infom4.intern for domain INFOM4. \
> Error was NT_STATUS_ACCESS_DENIED
> Failed to verify membership in domain!
> Failed to join domain: Success
The DC does not allow anonymous access to the \NETLOGON named pipe.
The join succeeds but we fail to establish the credentials chain
when verifying the join. I have a fix that I'll check in soon.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFGshOIIR7qMdg1EfYRAkAQAJsFfZSGD/cBxFHKCMXALpHA+lEy7QCgg6Se
OIgdDOwoVi1oSlm3cKRbzHY=
=O1AI
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list