[Samba] Samba 3.3.0.obeta3, Redhat 9.0, Win2k ADS integration

Matthew McCarty matthew at rareearthstrategies.com
Fri Aug 15 17:16:46 GMT 2003

My goal here is to add my Redhat 9.0 box to the domain and authenticate 
to the ADS Win2K domain from my Redhat 9.0 box.

I have read the user gorup archives,man pages, for smb.conf and winbind, 
and I have read Head/3.0 documentation, specifically this part is where 
I started:


The docs are sadly not complete....

Anyway I am able to get wbinfo -u and wbinfo -g to work and of course I 
joined the domain correctly. I can see the Redhat box in Network 
neighborhood and in AD. I get the following error from wbinfo -t:

checking the trust secret via RPC failed
error code was NT_STATUS_UNSUCCESFUL (0x0000001)
Could not check secret

And when I try a wbinfo -a it fails with:

error code was NT_STATUS_NO_LOGON_SERVERS (0xc000005e)
error message was: No logon servers
Could not authenticate......

I ran across a newsgroup entry from June with the same problem as above 
but there was no conclusion to the matter in the thread.

It seems to me that, of course, it can't find the Win2k DC but when I do 
a net lookup ldap|kdc everything comes up fine, reverse DNS lookup works 
fine as well as forward DNS; AND why does wbinfo -u and -g work if it 
can't find the DC?

Anyway I am stuck here -- any help would be appreciated.

Here is the relevant smb.conf entries:

workgroup = mydoamin.com
realm = mydoamin.com
security = ads
idmap uid = 10000-20000
idmap gid = 10000-20000
winbind enum users = yes
winbind enum groups = yes
winbind use default domain = yes
template homedir = /home/%U
template shell = /bin/bash
name resolve order = hosts wins lmhosts bcast
create mode = 700
directory = 700
password server = *
encrypt passwords = yes

More information about the samba mailing list