[Samba] Error while contacting ADS from Samba server

Doug VanLeuven roamdad at sonic.net
Sat Jul 28 22:46:04 GMT 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Rahul wrote:
> Hi Doug,
>         Thanks for your timely reply.
> 
> We have verified the things which you have mentioned in your mail in the
> security settings but with any combination the result does not change. We
> have also resolved the invalid parameters and module load warnings that was
> getting reported in the log file.
> 
> When we give net rpc join -U Username%password , its joining to the domain.
> But when we give net ads join  -U username%password , its giving problem and
> reporting the following error
> 
>    Failed to get ldap server info
>    ads_connect: No results returned

At this point, verify /etc/krb5.conf

I always use this option in smb.conf
   use kerberos keytab = Yes

because it's easier than generating the key on the DC and importing it
on the samba server.  Samba takes care of the entire process.  As I
understand it, if you don't use this option, you need to join the linux
server to the DC realm to the extent "kinit username at REALM" works before
attempting to join samba to the domain.

To list the keys currently installed, as root
   klist -ke

With "use kerberos keytab = yes" your keylist will look something like this:
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
- --------------------------------------------------------------------------
   2 host/terabox.jhcc.org at JHCC.ORG (DES cbc mode with CRC-32)
   2 host/terabox.jhcc.org at JHCC.ORG (DES cbc mode with RSA-MD5)
   2 host/terabox.jhcc.org at JHCC.ORG (ArcFour with HMAC/md5)
   2 host/terabox at JHCC.ORG (DES cbc mode with CRC-32)
   2 host/terabox at JHCC.ORG (DES cbc mode with RSA-MD5)
   2 host/terabox at JHCC.ORG (ArcFour with HMAC/md5)
   2 terabox$@JHCC.ORG (DES cbc mode with CRC-32)
   2 terabox$@JHCC.ORG (DES cbc mode with RSA-MD5)
   2 terabox$@JHCC.ORG (ArcFour with HMAC/md5)

Regards, Doug
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with SUSE - http://enigmail.mozdev.org

iD8DBQFGq8csFqWysr/jOHMRAiDWAKCflFgPj9mkygsyEMfAj+A0YerYigCgiXaX
MCqMFsIipub+u37C71DwX/U=
=Zabs
-----END PGP SIGNATURE-----

More information about the samba mailing list