[Samba] Join AD domain using security = domain ?

David Wilson dave at dcdata.co.za
Thu Feb 23 06:38:07 GMT 2006


Thanks Thomas.

Samba-3.0.21b. My smb.conf is off-site. I'll send it if disabling the client 
schannel still does not work.

Thanks for your help so far !


Kind regards

David Wilson
D c D a t a
CNS, CLS, Linux+
T: 0860-1-LINUX
F: 0866878971
M: 0824147413
E: support at dcdata.co.za
W: http://www.dcdata.co.za

----- Original Message ----- 
From: "Thomas Limoncelli" <limoncelli at web.de>
To: <samba at lists.samba.org>
Sent: Wednesday, February 22, 2006 3:48 PM
Subject: Re: [Samba] Join AD domain using security = domain ?


> David Wilson wrote:
>> Is it possible to join an AD domain using NT style authentication ?
>> i.e. security = domain  in smb.conf and use 'net join rpc -W [MYADDOMAIN]
>
> Been there. Done that.
>
>> When I tried this I get the following error:
>> [2006/02/22 11:56:42, 0] 
>> rpc_client/cli_pipe.c:cli_rpc_pipe_open_schannel(2641)
>>  cli_rpc_pipe_open_schannel: failed to get schannel session key from 
>> server msu
>> adserver for domain MYADDOMAIN.
>> [2006/02/22 11:56:42, 0] utils/net_rpc_join.c:net_rpc_join_ok(61)
>>  Error connecting to NETLOGON pipe. Error was 
>> NT_STATUS_NO_TRUST_SAM_ACCOUNT
>> Unable to join domain MYADDOMAIN.
>
> You didn't post your Samba version and smb.conf, so we need to wild-guess. 
> Try adding "client schannel = No" in [global].
>
>
> -TL
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
> -- 
> This email and all contents are subject to the following disclaimer:
> http://www.dcdata.co.za/emaildisclaimer.html
> 


-- 
This email and all contents are subject to the following disclaimer:
http://www.dcdata.co.za/emaildisclaimer.html



More information about the samba mailing list