[Samba] Samba 3.014a2 with AD auth

Edward Brookhouse ebroo at healthydirections.com
Mon Sep 19 13:13:23 GMT 2005

Hi all,



I have gotten this working; However, I am just curious about a few
things and wanted to see if anyone on this list might know.


My setup is Fedora/Linux based - but I believe these comments to be
valid for any OS.




When joining the computer to the domain using net join I am unable to do


# net ads join -U  Administrator


Gives me 


ads_join_realm: Insufficient access



so we try 


net rpc join -U Administrator


Which works fine - 


Any thoughts why???




Question #2 


Joining a computer to an AD domain like this works - but we see a great
deal of pre-authentication errors in our Domain logs - 


I have seen the MS KB articles that talk about not requiring preauth to
get rid of this message - but the problem is that the option to Not
require pre-auth is valid for a user object not a computer object -so
setting this option still does not get rid of the errors claiming the
machine object is failing pre-auth.


MSWinEventLog 2 Security 12270 Mon Sep 19 09:10:21 2005 675 Security
SYSTEM User Failure Audit EARTH Account Logon Pre-authentication failed:
User Name: goethe$ User ID:
%{S-1-5-21-934913212-3928056223-3945149382-9156} Service Name:
krbtgt/CORP.PHILLIPS.COM Pre-Authentication Type: 0x0 Failure Code: 0x19
Client Address: 12090


(where Goethe is the machine name)


Any thoughts appreciated!





Edward B.




More information about the samba mailing list