[Samba] net ads join / kinit /.conf syntax

Wed Feb 18 23:38:44 GMT 2004

Hi.

HELP!

I read:
:-)
http://www.samba.org/samba/docs/man/domain-member.html#domain-member-server
(Which notes, "This is a rough guide to setting up Samba-3 with Kerberos
authentication against a Windows 200x KDC. A familiarity with Kerberos is
assumed." Is there "A guide to familiarity with Kerberos as a primer for
Samba configuration" somewhere?)
:-) This thread
http://lists.samba.org/archive/samba/2003-October/000180.html
:-) http://lists.samba.org/archive/samba/2003-February/062065.html
:-) http://lists.samba.org/archive/samba/2003-July/070275.html
:-) http://lists.samba.org/archive/samba/2003-October/075166.html

Running RedHat Fedora Core 1.
:-( Don't have kinit (below)
:-( Don't have klist (below)
:-( net ads join fails with Cannot find KDC for requested realm (below)
:-| /etc/samba/smb.conf (below)
:-| /etc/krb5.conf (below)

TNX

[root at ImediaArchive root]# kinit
-bash: kinit: command not found
[root at ImediaArchive root]#
[root at ImediaArchive root]# klist
-bash: klist: command not found
[root at ImediaArchive root]#
[root at ImediaArchive root]# net ads join -U administrator%XXXXXXXXX
[2004/02/18 16:46:40, 0] libads/kerberos.c:ads_kinit_password(133)
  kerberos_kinit_password administrator at IMEDIA.EXAMPLE.COM failed: Cannot
find KDC for requested realm
[root at ImediaArchive root]#
[root at ImediaArchive root]# rpm -qa | egrep samba
samba-3.0.0-15
redhat-config-samba-1.1.4-1
samba-swat-3.0.0-15
samba-common-3.0.0-15
samba-client-3.0.0-15
[root at ImediaArchive root]#
[root at ImediaArchive root]# rpm -qa | egrep krb
krb5-libs-1.3.1-6
krbafs-1.2.2-1
pam_krb5-2.0.4-1
[root at ImediaArchive root]#
[root at ImediaArchive root]# cat /etc/samba/smb.conf
# Samba config file created using SWAT
# from 10.1.1.42 (10.1.1.42)
# Date: 2004/02/16 17:31:51

# Global parameters
[global]
        workgroup = IMEDIA
        realm = IMEDIAMSFT.IMEDIA.EXAMPLE.COM
        server string = a work n progess
        security = ADS
        password server = imediamsft.imedia.example.com,
imediaexch02.imedia.example.com
        log file = /var/log/samba/%m.log
        max log size = 50
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        preferred master = No
        local master = No
        dns proxy = No
        wins server = 10.1.1.42, 10.1.1.53
        ldap ssl = no

[homes]
        comment = Home Directories
        read only = No
        browseable = No

[printers]
        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No

[test]
        comment = test
        path = /mnt/hde1
        valid users = test
        read list = test
        guest ok = Yes
        hosts allow = *

[software]
        comment = Software
        path = /mnt/hde1/Software
[root at ImediaArchive root]#
[root at ImediaArchive root]#
[root at ImediaArchive root]# cat /etc/krb5.conf
[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 ticket_lifetime = 24000
 default_realm = IMEDIA.EXAMPLE.COM.
 dns_lookup_realm = false
 dns_lookup_kdc = false

[realms]
 IMEDIA.EXAMPLE.COM. = {
  kdc = IMEDIAMSFT.IMEDIA.EXAMPLE.COM.:88
  admin_server = IMEDIAMSFT.IMEDIA.EXAMPLE.COM:749
  default_domain = IMEDIA.EXAMPLE.COM
 }

[domain_realm]
 IMEDIAMSFT.IMEDIA.EXAMPLE.COM. = IMEDIA.EXAMPLE.COM.

[kdc]
 profile = /var/kerberos/krb5kdc/kdc.conf

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
[root at ImediaArchive root]#