[Samba] net ads join fails 3/4's of the time
Gerald (Jerry) Carter
jerry at samba.org
Fri Jun 10 12:54:07 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Rex Dieter wrote:
| I just wanted to share my frustrations with trying
| to use samba to join linux machines to our AD
| (so I could use pam_winbind primarily). I'm
| using Red Hat Enterprise 4 boxes, with samba-3.0.14a,
| krb5-libs-1.3.4-12, kernel-2.6.9-5.0.5.EL (I tried
| Fedora Core 3 too, with similar results). I (pre)added
| machines to the AD using the Active Directory Users
| and Computers tool.
|
| I initially had clock skew problems (yielding kerberos
| errors), but I now have synchronized system clocks.
|
| Now, I've found that the
| $ net ads join
| command(*) always says it succeeds joining the domain,
| but a subsequent
| $ wbinfo -t
| about 75% of the time yields an error:
| NT_STATUS_ACCESS_DENIED
|
| If I re-run those 2 commands repeatedly, I *eventually*
| will get machine that has successfully joined the
| AD domain (where 'wbinfo -t' succeeds
| and pam_winbind successfully authenticates users).
I doner if you are dealing with a AD replication lag. How
many DC's are there in the domain?
cheers, jerry
=====================================================================
Alleviating the pain of Windows(tm) ------- http://www.samba.org
GnuPG Key ----- http://www.plainjoe.org/gpg_public.asc
"I never saved anything for the swim back." Ethan Hawk in Gattaca
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCqY1vIR7qMdg1EfYRAo5gAJwLy/LFXX82huhugrXmSp+WPUChCACg5mmz
bX2b3k/PvXxwh4jg68jrWDc=
=iJfG
-----END PGP SIGNATURE-----
More information about the samba
mailing list