[Samba] Re: Error joining domain

Leen Toelen toelen at gmail.com
Thu Aug 18 15:17:28 GMT 2005


Hi,

when I did net ads join -U administrator -I "*.*.*.*" 
I got the same error but after that wbinfo -u showed all users and
loggin in works.

However, browsing to the linux box from another machine I keep getting
the password dialog. In the logs I get;

[2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BUILTIN  S-1-5-32
[2005/08/18 17:04:42, 2] nsswitch/winbindd_util.c:add_trusted_domain(180)
  Added domain BIOINF  S-1-5-21-51082066-3239425611-1963012567
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)
  NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned
NT_STATUS_ACCESS_DENIED (PAM: 4)
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)
  NTLM CRAP authentication for user [MYDOMAIN]\[toelen] returned
NT_STATUS_ACCESS_DENIED (PAM: 4)
[2005/08/18 17:04:53, 2] nsswitch/winbindd_pam.c:winbindd_pam_auth_crap(642)

Anyone an idea?

Regards,
Leen Toelen


On 8/18/05, Leen Toelen <toelen at gmail.com> wrote:
> Hi,
> 
> I have run a Linux machine as a windows domain client for a while. One
> time the windows 2000 domain server went down while the linux box kept
> running. Since then I am unable to login using winbind. I tried
> re-adding the linux machine without any success, I constantly get
> errors like this:
> 
> #net join -U administrator
> administrator's password:
> [2005/08/18 16:48:52, 0] libads/kerberos.c:ads_kinit_password(147)
>   kerberos_kinit_password administrator at PEAKADILLY.LOCAL failed:
> Cannot contact any KDC for requested realm
> [2005/08/18 16:48:52, 0] utils/net_ads.c:ads_startup(186)
>   ads_connect: Cannot contact any KDC for requested realm
> Joined domain MYDOMAIN.
> 
> The command runs without any progress for a minute or so and then
> gives the error message. Yet logging it still does not work.
> 
> If I do
> #net rpc join -U administrator
> I instantly get 'Joined domain MYDOMAIN.' but it still does not work.
> 
> I have put the domain controller in /etc/hosts and can ping it without
> problems. smbclient -L //mycontroller also runs fine after
> authenticating.
> 
> Anyone knows what might be causing this problem?
> 
> Regards,
> Leen Toelen
>


More information about the samba mailing list