[Samba] net ads join / kinit /.conf syntax

kaze kaze at voicenet.com
Fri Feb 20 06:04:24 GMT 2004 

--> From: Michael Brown [mailto:sambalist at mikro-net.com]
--> Sent: Thursday, February 19, 2004 2:50 AM
...
--> Eliminate your krb5 rpm installation.
--> Download the MIT krb5 source tarball from here:
--> http://web.mit.edu/kerberos/dist/krb5/1.3/krb5-1.3.1.tar
-->
--> Extract the tarball/signature:
--> $ tar xvf krb5-1.3.1.tar
--> krb5-1.3.1.tar.gz.asc
--> krb5-1.3.1.tar.gz
-->
--> Check the sig however you want (this assumes OpenSSL):
--> $ openssl md5 krb5-1.3.1.tar.gz.asc
--> MD5(krb5-1.3.1.tar.gz.asc)= 06905cdf473cd677e1eabc3bebe9c506
-->
--> This better be the sig!

Yup.

--> $ tar xvfz krb5-1.3.1.tar.gz
--> $ cd krb5-1.3.1
--> $ ./configure --prefix=/usr

The path I got was /root/krb5-1.3.1/src/configure, but no mater. In order to
getting that script working I installed:
glibc-kernheaders-2.4-8.36.i386.rpm
glibc-headers-2.3.2-101.i386.rpm
glibc-devel-2.3.2-101.i386.rpm
cpp-3.3.2-1.i386.rpm
binutils-2.14.90.0.6-3.i386.rpm
gcc-3.3.2-1.i386.rpm

It appeared to run without errors.

--> $ make && make install

This got some errors and complained about missing some things.

--> kinit & klist should now be found under /usr/

Still no kinit and "net ads join ..." returns "failed: Cannot find KDC for
requested realm." Interestingly:

[root at ImediaArchive root]# locate kinit
/usr/share/doc/krb5-workstation-1.3.1/kinit.html
/usr/share/man/man8/mkinitrd.8.gz
/usr/share/ghostscript/7.07/vflib/kinit.ps
/usr/kerberos/bin/kinit
/usr/kerberos/man/man1/kinit.1.gz
/sbin/mkinitrd
[root at ImediaArchive root]# cd /usr/kerberos/bin
-bash: cd: /usr/kerberos/bin: No such file or directory
[root at ImediaArchive root]# kinit
-bash: kinit: command not found
[root at ImediaArchive root]#

http://www.samba.org/samba/docs/man/domain-member.html#ads-member under
"Possible Errors" details:
ADS support not compiled in
Samba must be reconfigured (remove config.cache) and recompiled (make clean
all install) after the Kerberos libraries and headers files are installed.

"rpm -e"-ed all of Samba, then installed, and then configured via SWAT
again.

[root at ImediaArchive root]# net ads join -U Administrator
Administrator password:
[2004/02/20 00:52:01, 0] libads/kerberos.c:ads_kinit_password(133)
  kerberos_kinit_password Administrator at IMEDIA.EXAMPLE.COM failed: Cannot
find KDC for requested realm
[root at ImediaArchive root]#

--> Good lucc!
-->
--> Michael Brown

D'oh
 - kaze

More information about the samba mailing list