[Samba] Unable to join AD (FreeBSD)

Josh Kropf josh at cpol.com
Tue Nov 16 17:35:16 GMT 2004 

Elijah,

Thank you, this walk through was helpful. I am running 5.2.1 and it seems to
allow me to join the domain. I have a few other residual issues but
hopefully I will be able to hammer out those bugs.

Regards,
Josh

-----Original Message-----
From: Elijah Savage [mailto:esavage at digitalrage.org] 
Sent: Tuesday, November 09, 2004 6:36 PM
To: Josh Kropf; samba at lists.samba.org
Subject: RE: [Samba] Unable to join AD (FreeBSD)

I was having the same problem as you decribe with 4.10 version of
freebsd and found a number of reasons why it was not working, but I
manage to find this great walk through and get it working with 5.2.1.

http://www.kurai.org/~gdunn/samba3-ad/fbsd_samba.html

Try it and see if it helps and curious what version of freebsd are you
using? 

-----Original Message-----
From: samba-bounces+esavage=digitalrage.org at lists.samba.org
[mailto:samba-bounces+esavage=digitalrage.org at lists.samba.org] On Behalf
Of Josh Kropf
Sent: Tuesday, November 09, 2004 4:47 PM
To: samba at lists.samba.org
Subject: [Samba] Unable to join AD (FreeBSD)

Hi,

I am trying to get samba 3.0.7 working with our win2k DC. I installed
samba from the ports collection, so the kerberos library looks to be the
heimdel version.

I can use kinit to create a ticket and it authenticates against the DC
just fine. However when I attempt to use "net ads join" it fails with
the following response:

[2004/11/09 16:32:30, 0] utils/net_ads.c:ads_startup(183)
  ads_connect: Unknown error: -1765328343

Also note running "net ads join" without the -U parameter simply prompts
for a password for "root" even though I have created a ticket
successfully with kinit.

I have configured krb5.conf and smb.conf with the minimal items.

smb.conf

[global]
   workgroup = CPOLDOM
   netbios name = BSDWEB
   realm = CPOL.DOM

   security = ads
   encrypt passwords = yes
   password server = 192.168.1.10

krb5.conf

[libdefaults]
   default_realm = CPOL.DOM

[domain_realm]
   .cpol.dom = CPOL.DOM
   cpol.dom = CPOL.DOM

[realms]
   CPOL.DOM = {
      kdc = 192.168.1.10
      default_domain = cpol.dom
   }

Thanks,
Josh

--
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list