[Samba] Join AD domain using security = domain ?

Gerald (Jerry) Carter jerry at samba.org
Wed Feb 22 13:58:58 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Wed, 22 Feb 2006, David Wilson wrote:

> Hi guys,
> 
> Is it possible to join an AD domain using NT style authentication ?
> i.e. security = domain  in smb.conf and use 'net join rpc -W [MYADDOMAIN]
> 
> When I tried this I get the following error:
> [2006/02/22 11:56:42, 0]
> rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
>  cli_rpc_pipe_open_schannel: failed to get schannel session key from server
> msu
> adserver for domain MYADDOMAIN.
> [2006/02/22 11:56:42, 0] utils/net_rpc_join.c:net_rpc_join_ok(61)
>  Error connecting to NETLOGON pipe. Error was NT_STATUS_NO_TRUST_SAM_ACCOUNT
> Unable to join domain MYADDOMAIN.

Schannel is on RPC connections so you will see the same processing 
regardless of how winbindd is configured.  You can set 'client schannel = 
no' in smb.conf.  What version of Samba is this.?




cheers, jerry
=====================================================================
I live in a Reply-to-All world.               -----------------------
Samba                                    ------- http://www.samba.org
Centeris                         -----------  http://www.centeris.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)
Comment: For info see http://quantumlab.net/pine_privacy_guard/

iD8DBQFD/G4kIR7qMdg1EfYRApKAAKDYZ7xjn8/mY7Ume7nVnH8mtkShCgCgifz1
0rf30YyqVzKveX3UHvTdnC0=
=zQy/
-----END PGP SIGNATURE-----


More information about the samba mailing list