[Samba] Re: Joining samba to AD domain with a non-admin user

Antti Andreimann Antti.Andreimann at mail.ee
Sun Jul 20 02:42:58 GMT 2003

Chere Zhou wrote:

> Secondly, using -U or not with net ads join does not make a difference.  I
> did debug through there to find that it is the ldap_add_s fails.  However,
> I do not see how my kerberos user principal is being used for the LDAP
> connection, though different principal does make the difference.  I guess
> it's the bind to LDAP call?  But the ads.auth.user_name is always root,
> which is the Unix account I am working on, and ads.auth.password always
> "".

Do You have /etc/krb5.conf set up with AD realms?
Can You do kinit user at ADS.REALM?

If so, can You please save and send me two ethereal dumps:
1. Successful join from windows client to AD.
2. The errorneous join from samba to AD.

Maybe I can then figure out what went wrong.

          Antti Andreimann
      Using Linux since 1993
  Member of ELUG since 29.01.2000

More information about the samba mailing list