Joining Linux to Samba4 PDC
Arthur Ramsey
ARamsey at usicorp.usinternet.com
Mon Jul 12 21:04:12 MDT 2010
Hello again,
One last issue in implementing Samba 4 as an AD style PDC. I am
attempting to do LDAP/Krb5 authentication on the Samba 4 box. I have
tried manually via /etc/pam.d/common-* and get the follow error in
auth.log.
Jul 12 20:13:16 aramsey-ubuntu sshd[8924]: pam_krb5(sshd:auth):
pam_sm_authenticate: entry (0x1)
Jul 12 20:13:16 aramsey-ubuntu sshd[8924]: pam_krb5(sshd:auth): (user
aramsey) attempting authentication as aramsey at AACONSULTING.LOC
Jul 12 20:13:16 aramsey-ubuntu sshd[8924]: pam_krb5(sshd:auth): (user
aramsey) krb5_get_init_creds_password: Preauthentication failed
Jul 12 20:13:16 aramsey-ubuntu sshd[8924]: pam_krb5(sshd:auth):
authentication failure; logname=aramsey uid=0 euid=0 tty=ssh ruser=
rhost=intranetgw195.usinternet.com
Jul 12 20:13:16 aramsey-ubuntu sshd[8924]: pam_krb5(sshd:auth):
pam_sm_authenticate: exit (failure)
I also tried via Likewise-open and got the follow error.
root at aacserv1:/ # sudo domainjoin-cli join aaconsulting.loc
Administrator
Joining to AD Domain: aaconsulting.loc
With Computer DNS Name: aacserv1.aaconsulting.loc
Administrator at AACONSULTING.LOC's password:
Error: Lsass Error [code 0x00080047]
1315 (0x523) ERROR_INVALID_ACCOUNT_NAME - Unknown error
And also tried via net join with the following error.
root at aacserv1:/media/backup2/profiles/aramsey# net ads join member -S
aacserv1.aaconsulting.loc -UAdministrator%DaleDummer11
Host is not configured as a member server.
Invalid configuration. Exiting....
Failed to join domain: WERR_INVALID_DOMAIN_ROLE
I able to authenticate on win7, winxp, osx, and http (.htaccess via
ldap), but still having issues on the Linux box. As you can see I have
quite a hybrid network going... fun stuff. Everything else is working
great: good work! You guys certainly don't lack in vision.
Thanks,
Arthur
P.S. Will try to be more timely in providing updates as far as
resolution.
More information about the samba-technical
mailing list