[Samba] Problem with joining Active Server Domain
David Evans-Roberts
d.evans-roberts at hrwallingford.co.uk
Wed Nov 17 17:15:16 GMT 2004
I have built samba 3.0.8 with ADS support. From the Solaris 9 end it
appeared to join the active directory server domain OK. However when I look
using Windows Explorer on the ADS (Windows 2003) machine it appears as Samba
3.0.8 server under WORKGROUP, and I cannot access the shares. I am using
the MIT kerberos. The Howto guide on page 74 is a bit ambiguous. I read it
to say that if you are you are using Heimdel it must be a release later than
0.6. A colleague took it to read that you must use Heimdal rather than MIT
for Windows 2003. Is this the problem or is it something else. Any advice
welcomed.
/usr/local/samba/bin/net ads join -U Administrator
Administrator's password:
[2004/11/17 17:03:53, 0] libads/ldap.c:(1366)
ads_add_machine_acct: Host account for pike already exists - modifying old
account
Using short domain name -- ASTTEST
Joined 'PIKE' to realm 'ASTTEST.LOCAL'
The relevant parts of the /etc/krb5.conf file are as follows:
[libdefaults]
default_realm = astest.local
[realms]
astest.local = {
kdc = eng-test.astest.local
}
[domain_realm]
.kerberos.server = astest.local
----------------------------------------------------------------------------
------------
And smb.conf :
# Global parameters
[global]
workgroup = ASTTEST
realm = ASTTEST.LOCAL
security = ADS
password server = eng-test.asttest.local
username map = /etc/samba/usermap.txt
log level = 1
log file = /var/log/samba
socket options = TCP_NODELAY IPTOS_LOWDELAY
load printers = No
os level = 0
dns proxy = No
idmap uid = 15000-20000
idmap gid = 15000-20000
read only = No
create mask = 0775
directory mask = 0775
[mds0650]
----------------------------------------------------------------------------
---------------------------
David Evans-Roberts
daveer at hrwallingford.co.uk
Systems Administrator
HR Wallingford
**********************************************************************
HR Wallingford uses Faxes and Emails for confidential and
legally privileged business communications. They do not of
themselves create legal commitments. Disclosure to parties
other than addressees requires our specific consent. We are
not liable for unauthorised disclosures nor reliance upon them.
If you have received this message in error please advise us
immediately and destroy all copies of it.
**********************************************************************
More information about the samba
mailing list