[Samba] Samba 3.3.0.obeta3, Redhat 9.0, Win2k ADS integration
Matthew McCarty
matthew at rareearthstrategies.com
Fri Aug 15 17:16:46 GMT 2003
My goal here is to add my Redhat 9.0 box to the domain and authenticate
to the ADS Win2K domain from my Redhat 9.0 box.
I have read the user gorup archives,man pages, for smb.conf and winbind,
and I have read Head/3.0 documentation, specifically this part is where
I started:
http://us3.samba.org/samba/devel/docs/html/Samba-HOWTO-Collection.html#ads-member
The docs are sadly not complete....
Anyway I am able to get wbinfo -u and wbinfo -g to work and of course I
joined the domain correctly. I can see the Redhat box in Network
neighborhood and in AD. I get the following error from wbinfo -t:
checking the trust secret via RPC failed
error code was NT_STATUS_UNSUCCESFUL (0x0000001)
Could not check secret
And when I try a wbinfo -a it fails with:
error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error message was: No logon servers
Could not authenticate......
I ran across a newsgroup entry from June with the same problem as above
but there was no conclusion to the matter in the thread.
It seems to me that, of course, it can't find the Win2k DC but when I do
a net lookup ldap|kdc everything comes up fine, reverse DNS lookup works
fine as well as forward DNS; AND why does wbinfo -u and -g work if it
can't find the DC?
Anyway I am stuck here -- any help would be appreciated.
Here is the relevant smb.conf entries:
workgroup = mydoamin.com
realm = mydoamin.com
security = ads
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
template homedir = /home/%U
template shell = /bin/bash
name resolve order = hosts wins lmhosts bcast
create mode = 700
directory = 700
password server = *
encrypt passwords = yes
More information about the samba
mailing list