ADS support

[Aaron Endo]

This is the top level build..

Here is my situation -- I'm running a cluster of 4 servers with samba4 
running on 1 primary server.. If failure it will failover to 2 ect.. I'm 
also running my mail server on 4 and that will failover to 3 and on down 
if necessary.. They will all have the capability to run all services.. . 
Maybe separating the instances is the best way to go in this case and I 
already have the perfect storm so to speak..

With my join-ads.conf file I have it creating the krb5.keytab and this 
allows saslauthd to work properly.. I am open to suggestions but this 
was the only way I could get saslauthd working for cyrus-imap kerberos 
authentication..

I tried creating a user in AD and running # samba-tool domain 
exportkeytab /root/krb5.keytab --principal=saslauthd and then copied 
this to /etc/krb5.keytab -- but I could not get this to work properly 
for some reason,, I believe part of it was the server this was copied to 
was not joined to the domain.. which is why I used net ads join

On 04/11/2012 11:06 AM, Kai Blin wrote:
> On 2012-04-11 16:38, Aaron E. wrote:
>
> Hi Aaron,
>
>> Latest GIT as of this morning...
>>
>> I've configured samba as follows
>> # ./configure.developer --prefix=/opt/samba4 --with-ads
> Is this a top-level build? I'm not sure --with-ads does anything there.
>
>> When I run
>> # ./net ads join -s /opt/samba4/etc/join-ads.conf -Uadministrator
>> I receive a message stating "ADS support not compiled in"
> net is the samba3 tool. I'd suggest doing your build in source3/ if you
> want a samba3 build (e.g. you want to run a member server).
>
>> I was able to use the net command in CentOS 6.2 to do this and join the
>> domain whle creating the keytab for saslauthd to work.. But I would like
>> to use the net command from the compiled version..
> For a Samba4-style join, you should be using samba-tool, not net.
>
> Cheers,
> Kai
>