[Samba] Problem joining linux box to active directory domain
Carlos Ramos
nibau.ramos at gmail.com
Tue Dec 18 16:10:15 GMT 2007
Solved,
I would like to know what solved my problem... the truth is that I'm
not shure. I left the domain and rejoined a few time in my tests. And
it is finaly working. Just so that i can help someone i will put here
my current configuration:
smb.conf:
[global]
netbios name = YOUR_NETBIOS_NAME
password server = KERBEROS_SERVER_IP_ADDRESS
unix charset = LOCALE
workgroup = YOUR_WORKGROUP
realm = YOUR_KERBEROS_REALM
server string = STRING_DESCRIBING_YOUR_SERVER
security = ADS
username map = /etc/samba/smbusers
local master = no
preferred master = no
encrypt passwords = yes
log level = 2
syslog = 0
log file = /var/log/samba/%m
max log size = 50
printcap name = CUPS
ldap ssl = no
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind separator = +
#template primary group = "Users"
winbind uid = 10000-20000
winbind gid = 10000-20000
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
/etc/nsswitch.conf:
passwd: compat winbind
shadow: compat
group: compat winbind
hosts: files dns
networks: files dns
services: db files
protocols: db files
rpc: db files
ethers: db files
netmasks: files
netgroup: files
publickey: files
bootparams: files
automount: files
aliases: files
/etc/krb5.conf:
[libdefaults]
default_realm = YOUR_KERBEROS_REALM
[realms]
YOUR_KERBEROS_REALM = {
kdc = YOUR_KERBEROS_SERVER_DNS
}
[domain_realm]
.ipn.pt = YOUR_KERBEROS_REALM
ipn.pt = YOUR_KERBEROS_REALM
/etc/hosts:
(add one line containing)
YOUR_KERBEROS_SERVER_IP_ADDRESS YOUR_KERBEROS_SERVER_DNS
to join the domain i did a simple:
net -d join ads -UYOUR_ADMIN_USERNAME%YOUR_ADMIN_PASSWORD
thank you all for the help you gave me. It led me to the solution.
thank you.
>Hello, I'm having a hard time joining one linux server to an active
>directory domain. I've searched everywhere for a solution but was
>unsuccessful:
>
>I went to samba.org and followed the examples in
>http://us3.samba.org/samba/docs/man/Samba-Guide/
>The examples are great... My scenario is described in chapter 7
>(http://us3.samba.org/samba/docs/man/...ts.html#adssdm)
>It explains how to make a Linux box authenticate in a active directory
>scenario. As soon as i get to the point where the box joins the
>domain:
>
>net ads join -UAdministrator%not24get
>
>I get the error "ads_connect: No logon servers".
>
>I searched all the logs, /var/log/messages /var/log/samba/* and found
>nothing usefull.
>
>transcript of a session:
>
>proxy ~ # tail -f /var/log/messages &
>proxy ~ # tail -f /var/log/samba/* &
>proxy ~ # net ads join -Uadminusername%password
>[2007/12/17 16:47:45, 0] utils/net_ads.c:ads_startup_int(286)
> ads_connect: No logon servers
>Failed to join domain: No logon servers
>proxy ~ #
>
>
>this is my smb.conf:
>[global]
> unix charset = LOCALE
> workgroup = DOMAINNAME
> realm = REALMENAME
> server string = servername
> security = ADS
> username map = /etc/samba/smbusers
> log level = 5
> syslog = 0
> log file = /var/log/samba/%m
> max log size = 50
> printcap name = CUPS
> ldap ssl = no
> idmap uid = 10000-20000
> idmap gid = 10000-20000
> template shell = /bin/bash
> winbind separator = +
> #template primary group = "Users"
>
>
>Can anyone help? I realy don't see what I'm doing wrong.
More information about the samba
mailing list