[Samba] Joining ADS: unodocumented error

Mon Nov 24 02:47:52 GMT 2008

Hi everyone,

I am trying to set up a file server on Linux for Windows XP boxes in a 
Windows Server 2003 environment. I followed an excellent tutorial on 
Samba and ADS, which I recommend to all newbies like myself: 
http://www.enterprisenetworkingplanet.com/netos/article.php/3487081. 
Kerberos authentication seems to succeed, and apparently there is 
nothing wrong with my smb.conf file, yet when I try to add the server to 
the ADS I get the following error message: "Failed to join domain: 
Invalid configuration and configuration modification was not requested". 
This error seems to be undocumented: I have found nothing either on 
Google or on the samba.org site.

Here's a transcript of a shell session showing this error.

samba:~# kinit
Password for Administrator at ARM.PRIV: <--- Authentication succeeds
samba:~# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[fileserver]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER
Press enter to see a dump of your service definitions

[global]
    workgroup = ARM.PRIV
    realm = ARM.PRIV
    server string = File server avanzato
    security = ADS
    log level = 3
    syslog = 0
    log file = /var/log/samba/log.%m
    max log size = 1000
    panic action = /usr/share/samba/panic-action %d
    idmap uid = 10000-20000
    idmap gid = 10000-20000

[homes]
    comment = Home Directories
    valid users = %S
    create mask = 0700
    directory mask = 0700
    browseable = No

[fileserver]
    comment = Cartelle condivise
    path = /var/samba
    read only = No
    create mask = 0700

[printers]
    comment = All Printers
    path = /var/spool/samba
    create mask = 0700
    printable = Yes
    browseable = No

[print$]
    comment = Printer Drivers
    path = /var/lib/samba/printers
samba:~# net ads join -U administrator
Enter administrator's password:
Failed to join domain: Invalid configuration and configuration 
modification was not requested

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

If I mistype the password I get a different error message:
samba:~# net ads join -U administrator%wrongpassword
Failed to join domain: failed to lookup DC info for domain 'ARM.PRIV' 
over rpc: Logon failure

Can anyone help me?

-- 
Alessandro Baretta

World Family of Radio Maria
http://www.radiomaria.org/

tel. +39 0332 228 150
fax. +39 0332 222 411
cel. +39 335 830 3189
skype alex.baretta
ekiga alexbaretta at ekiga.net