[Samba] Failed to verify incoming ticket! When clients use netbios
names only!
Martin Zielinski
mz at seh.de
Mon Apr 16 06:56:52 GMT 2007
Hi,
the "Failed to join domain: Type or value exists" is caused, when the
machine_name is equal to the fqdn.
This is the case, e.g. if the /etc/hosts file contains only the short
name. The server reports the error and "net" aborts although the join
itself was successfull.
There are serveral issues with the "hostname vs. domainname" thing under
linux.
E.g. the missing driver listings when using the fqdn accessing the samba
server.
I've added a getdomainname() call in the get_mydnsfullname() function in
lib/util.c if the gethostname() call does not contain a ".".
Then the comparison in is_myname() succeeds and the drivers are listed.
But the manpage says, getdomainname() is *not* POSIX. So this all might
end in a configuration issue of the hostname.
Regards,
~ Martin
Hansjörg Maurer schrieb:
> Hi
>
> we see the similar messages too.
>
> Gerald (Jerry) Carter wrote:
>> m.bland wrote:
>>
>>> thor:/var/log/samba# cat /etc/samba/smb.conf
>>> [global]
>>> workgroup = DOMAIN
>>> realm = DOMAIN
>> Are these really the same value ?
> do they have to?
> When I try to set them to the same value I get the following message
> when joining the domain.
>
> [root at rmvbs02 root]# net ads join -U Admin
> Admin's password:
> The workgroup in /etc/samba/smb.conf does not match the short
> domain name obtained from the server.
> Using the name [DOMNAME] from the server.
> You should set "workgroup = DOMNAME" in /etc/samba/smb.conf.
> Using short domain name -- DOMNAME
> Failed to set servicePrincipalNames. Please ensure that
> the DNS domain of this server matches the AD domain,
> Or rejoin with using Domain Admin credentials.
> Deleted account for 'RMVBS02' in realm 'REALM'
> Failed to join domain: Type or value exists
>
>
> But we have a DNS not matching the REALM.
>
> Could this lead to this problem?
>
> (the above join only works with net rpc join, even while User Admin has
> full rights on the domain)
>
> Greetings
>
> hansjörg
>
>> ...
>>
>>> thor:/var/log/samba# cat /etc/krb5.conf
>>> [libdefaults]
>>> default_realm = DOMAIN.NAME
>>
>>
>>
>>
>>
>> cheers, jerry
>
--
Martin Zielinski mz at seh.de
Software Development
SEH Computertechnik GmbH www.seh.de
More information about the samba
mailing list