[Samba] joining an AD - SOLVED
Calderon, Willy (NIH/NINDS) [C]
calderow at ninds.nih.gov
Wed Jan 30 18:39:15 GMT 2008
The problem is that Kerberos can only deal with flatname space to
function so you cannot have subdomain.domain.com as the Linux server
name in DNS. Changing that solved this for me.
-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 7:58 PM
To: Guillermo Gutierrez; samba at lists.samba.org
Subject: RE: [Samba] joining an AD
Thanks. I keep getting this error every time I log in now with the
options you've given below
[2008/01/28 19:49:22, 4] libads/sasl.c:ads_sasl_bind(521)
Found SASL mechanism GSS-SPNEGO
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/01/28 19:49:22, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
ads_sasl_spnego_bind: got server principal name = nihdc$@NIH.GOV
[2008/01/28 19:49:22, 4] libsmb/clikrb5.c:ads_krb5_mk_req(610)
ads_krb5_mk_req: Advancing clock by 63 seconds to cope with clock skew
[2008/01/28 19:49:22, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Tue, 29 Jan 2008 05:50:25 EST
Bad option: SEVERN
Failed to join domain: Invalid parameter
[2008/01/28 19:49:22, 2] utils/net.c:main(1032)
return code = -1
* * * *
Willy Calderon
Contractor - LCG Systems
Unix Systems Administrator
Bldg. 10, NIH/NINDS
Tel: 301 435 1913
-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez at marketscan.com]
Sent: Mon 1/28/2008 4:57 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba at lists.samba.org
Subject: RE: [Samba] joining an AD
Whoops,
The trailing (") should be at the end of the OU path, in your case after
the 'AD'.
The computername is a separate value that you are feeding it.
net ads join createcomputer="Servers/Windows/Computers/AD" computername
-----Original Message-----
From: Calderon, Willy (NIH/NINDS) [C] [mailto:calderow at ninds.nih.gov]
Sent: Monday, January 28, 2008 1:59 PM
To: Guillermo Gutierrez; samba at lists.samba.org
Subject: RE: [Samba] joining an AD
Is there a trailing quote (") after computer name ?
* * * *
Willy Calderon
Contractor - LCG Systems
Tel: 301 435 1913
-----Original Message-----
From: Guillermo Gutierrez [mailto:ggutierrez at marketscan.com]
Sent: Monday, January 28, 2008 4:45 PM
To: Calderon, Willy (NIH/NINDS) [C]; samba at lists.samba.org
Subject: RE: [Samba] joining an AD
You have to use the "createcomputer" parameter if you want to specify
the OUs.
Ex: net ads join createcomputer="Servers/Windows/Computers/AD
computername
-----Original Message-----
From: samba-bounces+ggutierrez=marketscan.com at lists.samba.org
[mailto:samba-bounces+ggutierrez=marketscan.com at lists.samba.org] On
Behalf Of Calderon, Willy (NIH/NINDS) [C]
Sent: Monday, January 28, 2008 1:17 PM
To: samba at lists.samba.org
Subject: [Samba] joining an AD
Hi there -
I am trying to join the domain using the net ads join command but keep
getting a "
Bad option: Servers/Windows/Computers/AD
Failed to join domain: Invalid parameter
when I try to add the computer into the correct OU like so:
net ads join "Servers/Windows/Computers/AD
Is there a correct way to get this to work?
I'm on a Red Hat Enterprise 4 system with samba-3.0.25b-1.el4_6.4
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
More information about the samba
mailing list