[Samba] Samba 3.014a2 with AD auth
Edward Brookhouse
ebroo at healthydirections.com
Mon Sep 19 13:13:23 GMT 2005
Hi all,
I have gotten this working; However, I am just curious about a few
things and wanted to see if anyone on this list might know.
My setup is Fedora/Linux based - but I believe these comments to be
valid for any OS.
When joining the computer to the domain using net join I am unable to do
a:
# net ads join -U Administrator
Gives me
ads_join_realm: Insufficient access
so we try
net rpc join -U Administrator
Which works fine -
Any thoughts why???
Question #2
Joining a computer to an AD domain like this works - but we see a great
deal of pre-authentication errors in our Domain logs -
I have seen the MS KB articles that talk about not requiring preauth to
get rid of this message - but the problem is that the option to Not
require pre-auth is valid for a user object not a computer object -so
setting this option still does not get rid of the errors claiming the
machine object is failing pre-auth.
MSWinEventLog 2 Security 12270 Mon Sep 19 09:10:21 2005 675 Security
SYSTEM User Failure Audit EARTH Account Logon Pre-authentication failed:
User Name: goethe$ User ID:
%{S-1-5-21-934913212-3928056223-3945149382-9156} Service Name:
krbtgt/CORP.PHILLIPS.COM Pre-Authentication Type: 0x0 Failure Code: 0x19
Client Address: 172.17.81.164 12090
(where Goethe is the machine name)
Any thoughts appreciated!
Edward B.
Ebrooathealthydirectionsdotcom
More information about the samba
mailing list