[Samba] Join AD domain using security = domain ?

Thomas Limoncelli limoncelli at web.de
Wed Feb 22 13:48:07 GMT 2006


David Wilson wrote:
> Is it possible to join an AD domain using NT style authentication ?
> i.e. security = domain  in smb.conf and use 'net join rpc -W [MYADDOMAIN]

Been there. Done that.

> When I tried this I get the following error:
> [2006/02/22 11:56:42, 0] 
> rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
>  cli_rpc_pipe_open_schannel: failed to get schannel session key from 
> server msu
> adserver for domain MYADDOMAIN.
> [2006/02/22 11:56:42, 0] utils/net_rpc_join.c:net_rpc_join_ok(61)
>  Error connecting to NETLOGON pipe. Error was 
> NT_STATUS_NO_TRUST_SAM_ACCOUNT
> Unable to join domain MYADDOMAIN.

You didn't post your Samba version and smb.conf, so we need to 
wild-guess. Try adding "client schannel = No" in [global].


-TL


More information about the samba mailing list