[Samba] Centos 3.5/Debian 3.1 - Join to ADS (2003+SP1 mixed) Hang Forever

Cesar Lagarrigue clagarrigue at bee.cl
Thu Aug 25 17:50:18 GMT 2005 

Hello :

I tried to join to my active directory, i run the follow command, i read 
all hit into google about this and "all" howto on the google "how join a 
linux to a active directory"....and all possible combination of words 
about the last error, i found other people with the same error...but not 
solution.

I tried into Debian (3.0.14a) and Centos(3.0.14a and 3.0.20 manual 
compiled), both with krb5(1.2.7 and 1.4.2 manual compiled) / 
openldap-2.0.27, libs, and servers, workstation,etc.

#net ads join -Uadministrator%password -d 10
...
[2005/08/25 13:14:38, 5] libads/ldap_utils.c:ads_do_search_retry(56)
  Search for (objectclass=*) gave 1 replies
(Hang forever)

Please i have spend a lot of time... but not have any clue....if this 
have solution i like to put a proxy squid with autentication 
(http://mkeadle.org/index.php?p=13)

attach Configurations....

[root at wks024 bin]# ./kinit username at ADS.LOCAL
Password for username at ADS.LOCAL:
[root at wks024 bin]# ./klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: username at ADS.LOCAL

Valid starting     Expires            Service principal
08/25/05 13:33:06  08/25/05 23:33:48  krbtgt/ADS.LOCAL at ADS.LOCAL
        renew until 08/26/05 13:33:06


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
[root at wks024 bin]#



/etc/krb5.conf

[libdefaults]
        default_realm = ADS.LOCAL
        clockskew = 300

[realms]
BEE.CL = {
        kdc = beesafe
        default_domain = ADS.LOCAL
        kpasswd_server = beesafe
}

[domain_realm]
        .ADS.LOCAL = ADS.LOCAL


smb.conf


[global]
        workgroup = ADS@
        netbios name = WKS024
        realm = ADS.LOCAL
        password server = 10.0.0.1
        server string = Servidor Pruebas
        security = ads
        encrypt passwords = Yes
        log file = /var/log/samba/%m.log
        max log size = 0
        socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
        preferred master = False
        local master = No
        domain master = False
        dns proxy = No
        wins server = 10.0.0.1
        winbind separator = /
        winbind enum users = yes
        winbind enum groups = yes
        winbind use default domain = yes
        idmap uid = 10000-20000
        idmap gid = 10000-20000





The all log are this :
[2005/08/25 13:14:38, 5] lib/debug.c:debug_dump_status(368)
  INFO: Current debug levels:
    all: True/10
    tdb: False/0
    printdrivers: False/0
    lanman: False/0
    smb: False/0
    rpc_parse: False/0
    rpc_srv: False/0
    rpc_cli: False/0
    passdb: False/0
    sam: False/0
    auth: False/0
    winbind: False/0
    vfs: False/0
    idmap: False/0
    quota: False/0
    acls: False/0
    locking: False/0
    msdfs: False/0
[2005/08/25 13:14:38, 3] param/loadparm.c:lp_load(4082)
  lp_load: refreshing parameters
[2005/08/25 13:14:38, 3] param/loadparm.c:init_globals(1366)
  Initialising global parameters
[2005/08/25 13:14:38, 3] param/params.c:pm_process(574)
  params.c:pm_process() - Processing configuration file 
"/etc/samba/smb.conf"
[2005/08/25 13:14:38, 3] param/loadparm.c:do_section(3542)
  Processing section "[global]"
  doing parameter netbios name = WKS024
[2005/08/25 13:14:38, 4] param/loadparm.c:handle_netbios_name(2881)
  handle_netbios_name: set global_myname to: WKS024
  doing parameter realm = ADS.LOCAL
  doing parameter password server = 10.0.0.1
  doing parameter server string = Servidor Pruebas Kerberos
  doing parameter security = ads
  doing parameter encrypt passwords = Yes
  doing parameter log file = /var/log/samba/%m.log
  doing parameter max log size = 0
  doing parameter socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
  doing parameter preferred master = False
  doing parameter local master = No
  doing parameter domain master = False
  doing parameter dns proxy = No
  doing parameter wins server = 10.0.0.1
  doing parameter winbind separator = /
  doing parameter winbind enum users = yes
  doing parameter winbind enum groups = yes
  doing parameter winbind use default domain = yes
  doing parameter idmap uid = 10000-20000
  doing parameter idmap gid = 10000-20000
[2005/08/25 13:14:38, 4] param/loadparm.c:lp_load(4113)
  pm_process() returned Yes
[2005/08/25 13:14:38, 7] param/loadparm.c:lp_servicenumber(4226)
  lp_servicenumber: couldn't find homes
[2005/08/25 13:14:38, 10] param/loadparm.c:set_server_role(4031)
  set_server_role: role = ROLE_DOMAIN_MEMBER
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS-2LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS-2LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-16LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-16LE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS-2BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS-2BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-16BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-16BE
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UTF-8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UTF-8
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset ASCII
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset ASCII
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset 646
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset 646
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset ISO-8859-1
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset ISO-8859-1
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(103)
  Attempting to register new charset UCS2-HEX
[2005/08/25 13:14:38, 5] lib/iconv.c:smb_register_charset(111)
  Registered charset UCS2-HEX
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/charcnv.c:charset_name(81)
  Substituting charset 'UTF-8' for LOCALE
[2005/08/25 13:14:38, 5] lib/util.c:init_names(260)
  Netbios name list:-
  my_netbios_names[0]="WKS024"
[2005/08/25 13:14:38, 2] lib/interface.c:add_interface(81)
  added interface ip=10.0.0.11 bcast=10.0.0.155 nmask=255.255.255.0
[2005/08/25 13:14:38, 6] libads/ldap.c:ads_find_dc(214)
  ads_find_dc: looking for realm 'ADS.LOCAL'
[2005/08/25 13:14:38, 8] libsmb/namequery.c:get_sorted_dc_list(1433)
  get_sorted_dc_list: attempting lookup using [ads]
[2005/08/25 13:14:38, 10] libsmb/namequery.c:remove_duplicate_addrs2(320)
  remove_duplicate_addrs2: looking for duplicate address/port pairs
[2005/08/25 13:14:38, 4] libsmb/namequery.c:get_dc_list(1406)
  get_dc_list: returning 1 ip addresses in an ordered list
[2005/08/25 13:14:38, 4] libsmb/namequery.c:get_dc_list(1407)
  get_dc_list: 10.0.0.1:389
[2005/08/25 13:14:38, 5] libads/ldap.c:ads_try_connect(123)
  ads_try_connect: trying ldap server '10.0.0.1' port 389
[2005/08/25 13:14:38, 3] libads/ldap.c:ads_connect(285)
  Connected to LDAP server 10.0.0.1
[2005/08/25 13:14:38, 3] libads/ldap.c:ads_server_info(2514)
  got ldap server name ADSserver at ADS.LOCAL, using bind path: dc=ADS,dc=LOCAL
[2005/08/25 13:14:38, 4] libads/ldap.c:ads_server_info(2520)
  time offset is 37 seconds
[2005/08/25 13:14:38, 4] libads/sasl.c:ads_sasl_bind(451)
  Found SASL mechanism GSS-SPNEGO
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
  ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
  ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(206)
  ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2005/08/25 13:14:38, 3] libads/sasl.c:ads_sasl_spnego_bind(215)
  ads_sasl_spnego_bind: got server principal name =ADSserver$@ADS.LOCAL
[2005/08/25 13:14:38, 3] libsmb/clikrb5.c:ads_krb5_mk_req(384)
  ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2005/08/25 13:14:38, 4] libsmb/clikrb5.c:ads_krb5_mk_req(400)
  ads_krb5_mk_req: Advancing clock by 37 seconds to cope with clock skew
[2005/08/25 13:14:38, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(321)
  Ticket in ccache[MEMORY:net_ads] expiration Thu, 25 Aug 2005 23:15:15 GMT
[2005/08/25 13:14:38, 10] libsmb/clikrb5.c:ads_krb5_mk_req(411)
  ads_krb5_mk_req: Ticket (ADSserver$@ADS.LOCAL) in ccache 
(MEMORY:net_ads) is valid
until: (Thu, 25 Aug 2005 23:15:15 GMT - 1125026115)
[2005/08/25 13:14:38, 10] libsmb/clikrb5.c:get_krb5_smb_session_key(512)
  Got KRB5 session key of length 16
[2005/08/25 13:14:38, 10] lib/util.c:name_to_fqdn(2669)
  name_to_fqdn: lookup for wks024 -> wks024.ADS.LOCAL.
[2005/08/25 13:14:38, 0] libads/ldap.c:ads_add_machine_acct(1400)
  ads_add_machine_acct: Host account for wks024 already exists - 
modifying old a
ccount
[2005/08/25 13:14:38, 5] libads/ldap_utils.c:ads_do_search_retry(56)
  Search for (objectclass=*) gave 1 replies

More information about the samba mailing list