[Samba] Active Directory - Samba 3.0.4
Greg Folkert
greg at gregfolkert.net
Tue Aug 3 22:28:53 GMT 2004
On Tue, 2004-08-03 at 18:19, Joseph.Gaude at gd-ais.com wrote:
> Hello Everyone,
> I'm trying to get Samba 3.0.4 under Solaris 8 to join a Windows AD domain.
>
> I've compiled and configured all the required code.. and all works so far. I
> can do a kinit username at domain.name and get a ticket from the AD server...
> Samba's smbd and nmbd run, winbind complains about credentials.....
>
> Here's my issue. I don't have any control over the AD server. We have a 3rd
> party IT support group. And I'm not sure they are adding the samba server in
> the AD tree correctly.... My problem is, our 3rd party IT guys said he added
> my machine to the ad domain, but, I can't join, nor is the machine
> searchable through MS networking, so, I don't think he added it right.
>
> My question is: Is there any way to join an AD domain without having to know
> the administrators password? If so, how?
You have to either do a "net ads join "Computers" -Sserver" once you get
Kerberos setup properly, or you have to use key.tabs
This is how it has to be done on the Microsoft side.
http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.asp
Then you just have to follow up and configure samba to use the key.tab
--
greg, greg at gregfolkert.net
The technology that is
Stronger, better, faster: Linux
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20040803/21d9ef18/attachment.bin
More information about the samba
mailing list