[Samba] ads_connect: Program lacks support for encryption type

Mason, Roberto masonr at swlauriersb.qc.ca
Fri Jan 13 16:47:55 GMT 2006 

I'm trying to setup here at my school board an ADS domain member to Windows 2000 Server(s). I've setup Samba, configured nsswitch and /etc/krb5.conf. I'll be including them on this post. When I run << net join ADS -U<administrative_user>, I'm prompted for the password and I get this error message:

 

[2006/01/12 15:21:35, 0] utils/net_ads.c:ads_startup(191)

  ads_connect: Program lacks support for encryption type

 

I scoured Google, but I've not been able to find the solution. 

 

Is there a service I'm not running?

 

# Samba config file created using SWAT

# from 0.0.0.0 (0.0.0.0)

# Date: 2006/01/11 16:27:02

 

/etc/samba/smb.conf

# Samba config file created using SWAT
# from 0.0.0.0 (0.0.0.0)
# Date: 2006/01/11 16:27:02
 
[global]
   workgroup = MYDOMAIN
   realm = MYDOMAIN.QC.CA
        bind interfaces only = Yes
   security = ADS
        username map = /etc/samba/smbusers
        log level = 1
        printcap name = cups
        wins server = xxx.xxx.xxx.xxx 
        ldap ssl = no
   idmap uid = 10000-20000
   idmap gid = 10000-20000
   template shell = /bin/bash
 
   winbind use default domain = no
[homes]
        valid users = %S
        read only = No
        browseable = No
 
#masonr is a local user
[storage2]
        path = /drive
        valid users = masonr
        write list = masonr
        force user = nobody
        force group = nobody
        read only = No

 

etc/nsswitch.conf

 

passwd:     files winbind

shadow:     files

group:      files winbind

 

#hosts:     db files ldap nis dns

hosts:      files winbind dns

 

# Example - obey only what ldap tells us...

#services:  ldap [NOTFOUND=return] files

#networks:  ldap [NOTFOUND=return] files

#protocols: ldap [NOTFOUND=return] files

#rpc:       ldap [NOTFOUND=return] files

#ethers:    ldap [NOTFOUND=return] files

 

bootparams: files

ethers:     files

netmasks:   files

networks:   files dns

protocols:  files

rpc:        files

services:   files

netgroup:   files

publickey:  files

automount:  files

aliases:    files

 

/etc/krb5.conf

[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
 
[libdefaults]
default_realm = MYDOMAIN.QC.CA
default_etypes = des-cbc-crc des-cbc-md5
default_etypes_des = des-cbc-crc des-cbc-md5
 
 
[realms]
MYDOMAIN.QC.CA = {
   default_domain = mydomain.qc.ca
   kdc = server1.mydomain.qc.ca:88
   kdc = server2.mydomain.qc.ca:88
   admin_server = server1.mydomain.qc.ca:749
}
 
[domain_realm]
.mydomain.qc.ca = MYDOMAIN.QC.CA
mydomain.qc.ca = MYDOMAIN.QC.CA

 

 

 

 

Roberto Mason

IT Department

Sir Wilfrid Laurier School Board

235 Montée Lesage
Rosemère, Québec,
J7A 4Y6

More information about the samba mailing list