FW: [Samba] samba and active directory on win 2003

Jaan Talvet jtalvet at njsba.org
Wed Mar 26 19:48:09 GMT 2008 

Victor, 

I just spent hours searching for the solution to the same problem you
are having using samba version 3.0.25b after an upgrade from version
3.0.10. the resolution for me was posted by Volker Lendecke:

"
> Make sure that the fully qualified domain name and your host name 
> differ in the sense that you actually have a domain appended.
>
> Under Linux, "hostname" and "hostname -f" need to return different 
> things, hostname -f should preferrably show your AD domain name 
> appended.
>
> Volker
"
My /etc/hosts had an alias that made hostname & hostname -r return the
same value.

broken:
127.0.0.1       zelda localhost.localdomain   localhost
172.16.1.29     zelda.ournetwork.org zelda

Works:
127.0.0.1       localhost.localdomain   localhost
172.16.1.29     zelda.ournetwork.org zelda

Hope this helps
-jaan 


-----Original Message-----
From: Victor Sterpu [mailto:victor at ambra.ro] 
Sent: Saturday, March 08, 2008 3:36 PM
To: samba at lists.samba.org
Subject: [Samba] samba and active directory on win 2003

I use samba Version 3.0.25b-1.el5_1.4.
When I try to join the domain adtest.ro I receive the following error:

[root at zimbra samba]# net ads join -U Administrator
Administrator's password:
Using short domain name -- ADTEST
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'ZIMBRA' in realm 'ADTEST.RO'
Failed to join domain: Type or value exists

In the process of joining the domain samba refers to 
ADTEST-U5HTDLBY.ADTEST.RO instead adtest.ro.
I don't know why but I belive this is the cause of the problem.

hosts.conf contain this:
192.168.1.1             adtest.ro ADTEST-U5HTDLBY.ADTEST.RO

Kerberos authentication is ok:
"kinit Administrator at ADTEST.RO
Password for Administrator at ADTEST.RO: " returns no error.

samba.conf contains this configuration:
[global]
workgroup = ADTEST
realm = ADTEST.RO
password server = ADTEST-U5HTDLBY.ADTEST.RO
preferred master = no
server string = Linux Test Machine
security = ADS
encrypt passwords = yes
log level = 3
log file = /var/log/samba/%m
max log size = 50
printcap name = cups
printing = cups
winbind enum users = Yes
winbind enum groups = Yes
winbind use default domain = Yes
winbind nested groups = Yes
winbind separator = +
idmap uid = 600-20000
idmap gid = 600-20000
;template primary group = "Domain Users"
template shell = /bin/bash

[homes]
comment = Home Direcotries
valid users = %S
read only = No
browseable = No

[printers]
comment = All Printers
path = /var/spool/cups
browseable = no
printable = yes
guest ok = yes

Thank you.
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

More information about the samba mailing list