[Samba] Joining a trusted domain
Devin Morton
dmorton at isilon.com
Thu Feb 16 19:26:40 GMT 2006
Hello,
I've come across a fairly unique situation and after much searching have
not found a solution. I thought I would see if anyone here has had any
experience with this before.
I have a location with two ADS domains with a two-way trust configured.
-For this example I will call them corp.company.com and bst.company.com.
-I have a FreeBSD client running Samba version three
-I want to use an account in corp with privileges over bst to join the
client to the bst domain.
No matter what format I use to specify the location of the admin account
process always appends the specified user to the bst I'm attempting to
join. That domain, of course, cannot find the user and I receive an
"Invalid credentials" error. Here is an example:
ESPN-IQ-1# net ads join -S bst.company.com -U
CORP.company.com/domainadmin
Password:
[2006/02/16 12:20:42, 1] libsmb/clikrb5.c:krb5_mk_req2(56)
krb5_cc_get_principal failed (No credentials cache found)
[2006/02/16 12:20:42, 0] libads/kerberos.c:ads_kinit_password(133)
kerberos_kinit_password CORP.company.com/domainadmin at BST.company.com
failed: Client not
found in Kerberos database
[2006/02/16 12:20:42, 1] utils/net_ads.c:ads_startup(152)
ads_connect: Invalid credentials
Is there a way to specify a user account from a different domain when
attempting to join in this fashion?
Thanks in advance.
Devin Morton
More information about the samba
mailing list