[Samba] Error Joining a Domain
Ian
barnracoon at gmail.com
Tue Sep 11 21:20:10 GMT 2007
Hi,
I am trying to join my FreeBSD machine to an AD domain and keep
getting the following error when joining the domain using samba 3.0.24
:
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Disabled account for 'S058002' in realm 'DS1.AD.DOMAIN.COM'
According to the AD guys the account is not disabled. Here is my smb.conf
[global]
winbind separator=+
winbind cache time=10
workgroup=DOMAIN
realm=DS1.AD.DOMAIN.COM
security=ads
winbind uid=10000-20000
winbind gid=10000-20000
winbind use default domain=yes
client ntlmv2 auth=yes
I am joining the domain with the following command:
/usr/local/bin/net ads join -S hostname.domain.com -w DOMAIN -U
username%password and thats what produces the error above.
A couple of things regarding this that may or may not help.
1.) I am using this exact same setup on another machine that is
running Samba (except that ones version is 3.0.21b) and it works
there.
2.) The full hostname is not resolvable if you do an nslookup on both
machines, even though the older version connects fine.
3.) I am using kerberos if that makes a difference - although it
issues me the ticket just fine!
Anyone have any ideas as to what could be wrong?
Thanks
Ian
More information about the samba
mailing list