[Samba] Join ADS problem

Mark Proehl M.Proehl at science-computing.de
Mon May 22 09:02:03 GMT 2006


you should not run the daeomons while joining. The daemon log files
don't provide any information about the join process. You should run
the net command with a higher debug level, e.g.  net ads join -d 3


On Mon, May 22, 2006 at 10:39:01AM +0200, diego Pelizzi wrote:
> Problem with join to Active Directory
> 
> 
> [root at clust-master samba]# net ads join -S 10.0.0.1 -U Administrator
> Administrator's password:
> [2006/05/22 10:24:05, 0] libads/ldap.c:ads_join_realm(1640)
>   ads_add_machine_acct (clust): Type or value exists
> ads_join_realm: Type or value exists
> 
> [root at clust-master samba]# kinit Administrator at COROD.LOCAL
> Password for Administrator at COROD.LOCAL:
> 
> As you can see kerberors seems works well, but when i tried to join to ADS routput is: Type or value exists.
> I checked the computer folder in Active Directory, but there isn't the samba server.
> 
> 
> #### winbindd.log
> [2006/05/22 10:23:17, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> [2006/05/22 10:23:17, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 10:23:17, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> [2006/05/22 10:23:17, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 10:23:17, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> [2006/05/22 10:23:17, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 10:23:17, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> [2006/05/22 10:23:17, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 10:23:17, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> [2006/05/22 10:28:18, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 10:28:18, 1] libsmb/cliconnect.c:cli_session_setup_kerberos(544)
>   spnego_gen_negTokenTarg failed: No credentials cache found
> 
> ### smbd.log
> 2006/05/22 08:24:11, 0] smbd/server.c:main(760)
>   smbd version 3.0.8pre1-0.pre1.3 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2004
> [2006/05/22 08:24:11, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> [2006/05/22 08:24:11, 0] printing/nt_printing.c:nt_printing_init(383)
>   nt_printing_init: error checking published printers: WERR_ACCESS_DENIED
> [2006/05/22 08:56:10, 0] smbd/server.c:main(760)
>   smbd version 3.0.8pre1-0.pre1.3 started.
>   Copyright Andrew Tridgell and the Samba Team 1992-2004
> [2006/05/22 08:56:11, 1] libsmb/clikrb5.c:ads_krb5_mk_req(323)
>   krb5_cc_get_principal failed (No credentials cache found)
> 
> 
> 
> My config:
> Fedora Core3
> samba-3.0.8-0.pre1.3
> 
> #/etc/krb5.conf
> [libdefaults]
>  default_realm = COROD.LOCAL
>  dns_lookup_realm = false
>  dns_lookup_kdc = false
> 
> [realms]
>  COROD.LOCAL = {
>   kdc = 10.0.0.1:88
>   admin_server = 10.0.0.1:749
>   default_domain = corod.local
>  }
> 
> [domain_realm]
>  .corod.local = COROD.LOCAL
>  corod.local = COROD.LOCAL
> 
> [kdc]
>  profile = /var/kerberos/krb5kdc/kdc.conf
> 
> # /etc/samba/smb.conf
>  [global]
>         workgroup = COROD
>         security = ADS
>         realm = COROD.LOCAL
>         netbios name = CLUST
>         os level = 20
>         log file = /var/log/samba/%m.log
>         max log size = 50
>         socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
>         dns proxy = No
>         ldap ssl = no
>         force create mode = 0700
>         create mode = 0770
>         directory mode = 0770
>         force directory mode = 0770
>         load printers = no
> 
> 
> Thanks in advance for any help.
> 
> 		
> ---------------------------------
> Yahoo! Mail: gratis 1GB per i messaggi, antispam, antivirus, POP3
> 		
> ---------------------------------
> Yahoo! Messenger with Voice: chiama da PC a telefono a tariffe esclusive
> -- 
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba



More information about the samba mailing list