[Samba] Re: Can't mount samba drive or join domain with W2K3 server

Adam Rosi-Kessel adam at rosi-kessel.org
Thu Sep 2 15:36:54 GMT 2004


Paul Gienger wrote:
> ># net join -l -n my_computer_name -I shared_server_ip_address -U
> > kerberos_kinit_password my_username at my_domain failed: Improper
> > format of Kerberos configuration file
> This screams "you haven't set up kerberos yet".  Start reading here
> http://www.samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm
> I know that doesn't have everything you need, but I can't find the link 
> I used to set up domain membership in active directory ATM.

Thanks, that's a good start.

Now I get a much shorter message:

######################################
# net ads join -Umy_username
my_username's password:
[2004/09/02 11:33:19, 0] libads/ldap.c:ads_add_machine_acct(1283)
  ads_add_machine_acct: Host account for my_machine already exists - modifying old account
[2004/09/02 11:33:19, 0] libads/ldap.c:ads_join_realm(1617)
  ads_add_machine_acct (akessel-linux): Insufficient access 
ads_join_realm: Insufficient access
######################################

I'm not sure why I have insufficient access; the machine was configured
before without a problem (originally a Windows box).

On the other hand:

######################################
# net rpc join -Umy_username
Password:
Joined domain <MY_DOMAIN>.
######################################

So it looks like I can join successfully with rpc.

I still can't mount:

######################################
# mount shared_drive
cli_negprot: SMB signing is mandatory and we have disabled it.
16495: protocol negotiation failed
SMB connection failed
######################################

I'm unclear as to whether the ADS issue is linked with this mounting
issue.  Do I need to join with ADS before I'll be able mount the drive?
Or is there some way I can get SMB signing to work without getting ADS
to work?
-- 
Adam Rosi-Kessel
http://adam.rosi-kessel.org


More information about the samba mailing list