[Samba] net ads join fails 3/4's of the time

[Gerald (Jerry) Carter]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rex Dieter wrote:

| I just wanted to share my frustrations with trying
| to use samba to join  linux machines to our AD
| (so I could use pam_winbind primarily).  I'm
| using Red Hat Enterprise 4 boxes, with samba-3.0.14a,
| krb5-libs-1.3.4-12, kernel-2.6.9-5.0.5.EL (I tried
| Fedora Core 3 too,  with similar results).  I (pre)added
| machines to the AD using the Active  Directory Users
| and Computers tool.
|
| I initially had clock skew problems (yielding kerberos
| errors), but I  now have synchronized system clocks.
|
| Now, I've found that the
| $ net ads join
| command(*) always says it succeeds joining the domain,
| but a subsequent
| $ wbinfo -t
| about 75% of the time yields an error:
| NT_STATUS_ACCESS_DENIED
|
| If I re-run those 2 commands repeatedly, I *eventually*
| will get machine  that has successfully joined the
| AD domain (where 'wbinfo -t' succeeds
| and pam_winbind successfully authenticates users).

I doner if you are dealing with a AD replication lag.  How
many DC's are there in the domain?




cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm)      ------- http://www.samba.org
GnuPG Key                ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back."     Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCqY1vIR7qMdg1EfYRAo5gAJwLy/LFXX82huhugrXmSp+WPUChCACg5mmz
bX2b3k/PvXxwh4jg68jrWDc=
=iJfG
-----END PGP SIGNATURE-----