[Samba] net ads join hangs forever
ww m-pubsyssamba
pubsyssamba at bbc.co.uk
Wed Jun 30 11:27:59 GMT 2004
Hi Aaron,
we've just identified this problem and thought you may be interested if you haven't resolved
this already. The bind is failing because the admin account being used to join the domain is a
member of too many groups (waiting to hear from M$ what constitutes too many) and as a result the
Kerberos TGT is too large and the kpasswd service on the M$ DC just ignores the change password
request. To work around this created an admin account with minimal group membership and use this
to bind Samba boxes to AD.
Of course you may have a different issue with M$ ;-)
cheers Andy.
Thanks all. At least now I know it's not just me. I'll be watching
bugzilla with interest, and in the meantime I suppose standard Kerb will
have to do.
Aaron Grewell
Network Administrator
University of Washington Bothell
This e-mail (and any attachments) is confidential and may contain personal views which are not the views of the BBC unless specifically
stated.
If you have received it in error, please delete it from your system. Do not use, copy or disclose the information in any way nor act in
reliance on it and notify the sender immediately. Please note that the BBC monitors e-mails sent or received.
Further communication will signify your consent to this.
More information about the samba
mailing list