[Samba] Fwd: ADS and samba domain member: ads_connect: Cannot resolve network address for KDC in requested realm

David Shapiro David.Shapiro at bcbsnc.com
Wed Feb 1 15:00:59 GMT 2006


I forgot the smb.conf file:
 
[global]
        workgroup = MYDOMAIN
        netbios name = svcanimp
        socket options = TCP_NODELAY SO_RCVBUF=16384 SO_SNDBUF=16384
        idmap uid = 10000-20000
        idmap gid = 10000-20000
        winbind enum users = yes
        winbind gid = 10000-20000
        os level = 20
        winbind enum groups = yes
        winbind separator = /
        encrypt passwords = yes
        server string = User management Server
        security = ADS
        realm = MYREALM.COM
        password server = myadsserver.bcbsnc.com
        preferred master = no
        log file = /usr/local/samba/var/log.%m
        log level = 0
        max log size = 50
        local master = No
        dns proxy = No
        wins server = wins01 wins02
        wins proxy = no
        name resolve order = wins hosts lmhosts bcast
        aio read size = 1
        aio write size = 1
        template homedir = /home/winnt/%D/%U
        template shell = /bin/bash
 
[homes]
        path = /home/%u
        read only = No


Hello,
 
I am having a problem getting my server to join our realm as a domain
member server.   I have read through google, yahoo, and this list, but I
cannot find the answer yet.  
 
When I run: net join ads -Uadministrator and try to login it gives the
following error:
 
 kerberos_kinit_password Administrator at MYREALM.COM failed: Cannot
resolve network address for KDC in requested realm
[2006/02/01 09:33:46, 0] ../utils/net_ads.c:ads_startup(191)
  ads_connect: Cannot resolve network address for KDC in requested
realm
 
The details of my setup are:
 
aix 5.2.0.7
libiconv-1.9.1
autoconf-2.59
libiodbc-3.52.4
bison-2.0
m4-1.4.3
db-4.4.20                             
mysql-connector-odbc-3.51.12
krb                                    
samba-3.0.21a    
 
../configure --prefix=/usr/local/samba --with-ads --with-ldap
--with-winbind --with-acl-support --with-utmp --with-quotas
--with-sendfile-support

openldap-2.3.19  
 
./configure --enable-crypt --without-cyrus-sasl                        
        
 
unixODBC-2.2.11
gcc 3.3.2
 
/etc/krb5.conf:
 
[libdefaults]
        default_realm = MYREALM.COM
        default_etypes = des-cbc-crc des-cbc-md5
        default_etypes_des = des-cbc-crc des-cbc-md5
        ticket_lifetime = 24000
        clockskew = 300
        dns_lookup_realm = false
        dns_lookup_kdc = false
 
[realms]
        MYREALM.COM = {
                kdc = myadsserver.mydomain.com
                default_domain = mydomain.com
        }
 
[domain_realm]
        .mydomain.com = MYREALM.COM
 
[logging]
        kdc = FILE:/var/log/kdc.log
        admin_server = FILE:/var/log/kadmin.log
        default = FILE:/var/log/krb5lib.log

/etc/hosts:
1.2.3.4   myadsserver.mydomain.com myadsserver
 
 
Note: Nothing goes into the logs and if I move aisde thekrb5.conf it
still tries automatically MYREALM.COM.  I put an error int he krb5.conf
file to see if it would notice, and it does warn about it, so it is
looking in krb5.conf.
 
 
 
 
David Shapiro
Unix Team Lead
919-765-2011
 
David Shapiro
Unix Team Lead
919-765-2011



More information about the samba mailing list