Fw: [Samba] net join error
Gerald (Jerry) Carter
jerry at samba.org
Fri Aug 4 13:44:47 GMT 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Nanni X wrote:
> Did you follow step-by-step the guidelines explained in
> the HowTo to join ADS?
>
> We too have a W2K3 server updated to last sp and post-sp
> updates by Windows' automatic update and we
> encountered no problems following the HowTo.
>
> By example, the line "security" of smb.conf file must be set
> "ADS", not "domain" as in yours...
> In addition, the HowTo says don't use in any case "net rpc..."
> commands when you are working with ADS
This is slightly misleading. In the 3.0.23 series, 'net ads join'
uses rpc to join the domain (just like Windows).
The failure below is probably due to the problem with DES
session keys. I assume the problem system is using an
older krb5 distribution.
>>> quark-lin ~ # net ads join -U admin-msodan
>>> admin-msodan's password:
>>> Using short domain name -- TEST
>>> [2006/07/31 13:52:43, 0] utils/net_rpc_join.c:net_rpc_join_ok(70)
>>> net_rpc_join_ok: failed to get schannel session key from server
>>> xxx.test.com for domain TEST. Error was NT_STATUS_ACCESS_DENIED
>>> Failed to verify membership in domain!
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFE009PIR7qMdg1EfYRAvnOAJ9nhBgbPEaDaHNn8ls3OzXsOdyWBgCeJpGP
9qdcWIvpxBRDz80mxRT+890=
=S59H
-----END PGP SIGNATURE-----
More information about the samba
mailing list