[Samba] Join AD: no logon server
Tam McLaughlin
tam.mclaughlin at gmail.com
Thu Oct 23 08:03:56 GMT 2008
Hello,
I am trying to join my server to a Win2k AD domain.
I have configured kerberos and can get a ticket but when I try to join the
AD I get the error "Failed to join domain: No logon servers" as detailed
below.
I have searched the archives and google and followed some suggestions to get
my files into the correct format but still have a problem.
I am using Samba version 3.0.32-0.fc8 on Fedora 8, kernel 2.6.25.11-60.fc8
I have detailed my krb5.conf, smb.conf, kinit cmd and debug output from my
net ads join cmd below.
Can anyone offer me any pointers?
Is there anything I can get the windows admin to check?
Thanks
Tam
================
/etc/krb5.conf
================
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = NSUK.NSC.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
forwardable = yes
[realms]
NSUK.NSC.COM = {
kdc = nsuk-ukdc3.nsuk.nsc.com
admin_server = nsuk-ukdc3.nsuk.nsc.com
default_domain = nsuk.nsc.com
}
[domain_realm]
.nsuk.nsc.com = NSUK.NSC.COM
nsuk.nsc.com = NSUK.NSC.COM
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
=============================
/etc/samba/smb.conf
=============================
[global]
workgroup = NSUK
netbios name = uklnxws01
security = ads
realm = NSUK.NSC.COM
password server = 10.191.2.29
encrypt passwords = yes
domain master = no
domain logons = no
local master = no
preferred master = no
==========
kinit
==========
#kinit adminbm at NSUK.NSC.COM
Password for adminbm at NSUK.NSC.COM:
#klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: adminbm at NSUK.NSC.COM
Valid starting Expires Service principal
10/22/08 16:49:56 10/23/08 02:50:04 krbtgt/NSUK.NSC.COM at NSUK.NSC.COM
renew until 10/23/08 16:49:56
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
=========================
other
=========================
cat /etc/hosts
10.191.2.29 nsuk-ukdc3 nsuk-ukdc3.nsuk.nsc.com
cat /etc/resolv.conf
domain nsc.com
nameserver 10.191.2.29
nameserver x.x.x.x
nameserver y.y.y.y
nslookup nsuk-ukdc3.nsuk.nsc.com & 10.191.2.29
returns ok
but
nslookup nsuk-ukdc3
does not unless I use nsuk-ukdc.nsuk.nsc.com
=================================
I have tried using: net ads join in a number of combinations including
without the -S and createcomputer but the debug output is effectively the
same:
# net ads join createcomputer="servers/unix" -Snsuk-
ukdc3.uk.nsc.com -d10
[2008/10/22 16:51:35, 5] lib/debug.c:debug_dump_status(391)
INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0
Processing section "[global]"
doing parameter workgroup = NSUK
doing parameter netbios name = uklnxws01
[2008/10/22 16:51:35, 4] param/loadparm.c:handle_netbios_name(3153)
handle_netbios_name: set global_myname to: UKLNXWS01
doing parameter server string = Samba Server Version %v
doing parameter security = ads
doing parameter realm = NSUK.NSC.COM
doing parameter password server = 10.191.2.29
doing parameter encrypt passwords = yes
doing parameter domain master = no
doing parameter domain logons = no
doing parameter local master = no
doing parameter preferred master = no
2008/10/22 16:51:35, 4] param/loadparm.c:lp_load(5095)
pm_process() returned Yes
[2008/10/22 16:51:35, 7] param/loadparm.c:lp_servicenumber(5233)
lp_servicenumber: couldn't find homes
[2008/10/22 16:51:35, 10] param/loadparm.c:set_server_role(4339)
set_server_role: role = ROLE_DOMAIN_MEMBER
[2008/10/22 16:51:35, 5] lib/iconv.c:smb_register_charset(105)
Attempting to register new charset UCS-2LE
Netbios name list:-
my_netbios_names[0]="UKLNXWS01"
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
added interface ip=10.191.164.102 bcast=10.191.164.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.122.1 bcast=192.168.122.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.87.1 bcast=192.168.87.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.104.1 bcast=192.168.104.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 5] lib/gencache.c:gencache_init(61)
Opening cache file at /var/lib/samba/gencache.tdb
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:35, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:35, 4] libsmb/namequery_dc.c:ads_dc_name(73)
ads_dc_name: domain=NSUK
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:35, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:35, 6] libads/ldap.c:ads_find_dc(294)
ads_find_dc: looking for realm 'NSUK.NSC.COM'
[2008/10/22 16:51:35, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name NSUK.NSC.COM (sitename
NULL) using [ads]
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = SAF/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:35, 5] libsmb/namequery.c:saf_fetch(133)
saf_fetch: failed to find server for "NSUK.NSC.COM" domain
[2008/10/22 16:51:35, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: ", 10.191.2.29"
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:35, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:35, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2008/10/22 16:51:35, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2008/10/22 16:51:35, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 10.191.2.29:389
[2008/10/22 16:51:35, 5] libads/ldap.c:ads_try_connect(180)
ads_try_connect: sending CLDAP request to 10.191.2.29 (realm: NSUK.NSC.COM
)
[2008/10/22 16:51:35, 1] libads/cldap.c:recv_cldap_netlogon(247)
Failed to parse cldap reply
[2008/10/22 16:51:35, 3] libads/ldap.c:ads_try_connect(189)
ads_try_connect: CLDAP request 10.191.2.29 failed.
[2008/10/22 16:51:35, 10]
libsmb/conncache.c:add_failed_connection_entry(140)
add_failed_connection_entry: added domain NSUK.NSC.COM (10.191.2.29) to
failed conn cache
[2008/10/22 16:51:35, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name NSUK (sitename NULL) using
[lmhosts wins host bcast]
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = SAF/DOMAIN/NSUK couldn't be found
[2008/10/22 16:51:35, 5] libsmb/namequery.c:saf_fetch(133)
saf_fetch: failed to find server for "NSUK" domain
[2008/10/22 16:51:35, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: ", 10.191.2.29"
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:35, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:35, 10] libsmb/namequery.c:remove_duplicate_addrs2(435)
remove_duplicate_addrs2: looking for duplicate address/port pairs
[2008/10/22 16:51:35, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 1 ip addresses in an ordered list
[2008/10/22 16:51:35, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list: 10.191.2.29:389
[2008/10/22 16:51:35, 10] libsmb/namequery.c:name_status_find(303)
name_status_find: looking up NSUK#1c at 10.191.2.29
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = NBT/NSUK#1C.20.10.191.2.29 couldn't be found
[2008/10/22 16:51:35, 5] libsmb/namecache.c:namecache_status_fetch(346)
namecache_status_fetch: no entry for NBT/NSUK#1C.20.10.191.2.29 found.
[2008/10/22 16:51:35, 10] lib/util_sock.c:open_socket_in(831)
bind succeeded on port 0
2008/10/22 16:51:35, 5] libsmb/nmblib.c:send_udp(779)
Sending a packet of len 50 to (10.191.2.29) on port 137
[2008/10/22 16:51:35, 10] lib/util_sock.c:read_udp_socket(294)
read_udp_socket: lastip 10.191.2.29 lastport 137 read: 319
[2008/10/22 16:51:35, 10] libsmb/nmblib.c:parse_nmb(506)
parse_nmb: packet id = 10060
[2008/10/22 16:51:35, 5] libsmb/nmblib.c:read_packet(757)
Received a packet of len 319 from (10.191.2.29) port 137
[2008/10/22 16:51:35, 4] libsmb/nmblib.c:debug_nmb_packet(112)
nmb packet from 10.191.2.29(137) header: id=10060 opcode=Query(0)
response=Yes
header: flags: bcast=No rec_avail=No rec_des=No trunc=No auth=Yes
header: rcode=0 qdcount=0 ancount=1 nscount=0 arcount=0
answers: nmb_name=NSUK<1c> rr_type=33 rr_class=1 ttl=0
answers 0 char .NSUK-UKDC3 hex
0B4E53554B2D554B4443332020202020
answers 10 char .D.NSUK hex
0044004E53554B202020202020202020
answers 20 char ...NSUK hex
202000C4004E53554B20202020202020
answers 30 char ...NSUK-UKDC hex
202020201CC4004E53554B2D554B4443
answers 40 char 3 D.NSUK hex
3320202020202044004E53554B202020
answers 50 char .D.NSUK- hex
20202020202020201B44004E53554B2D
answers 60 char UKDC3 .D.NSU hex
554B44433320202020200344004E5355
answers 70 char K ...N hex
4B20202020202020202020201EC4004E
answers 80 char SUK .D hex
53554B20202020202020202020201D44
answers 90 char ...__MSBROWSE__. hex
0001025F5F4D5342524F5753455F5F02
answers a0 char ...ADMINDK hex
01C40041444D494E444B202020202020
answers b0 char .D.ADMINMS hex
202003440041444D494E4D5320202020
answers c0 char .D....4..... hex
2020202003440000188B34C082000000
answers d0 char ................ hex
00000000000000000000000000000000
answers e0 char ................ hex
00000000000000000000000000000000
answers f0 char ..... hex 0000000000
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK-UKDC3#00: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK#00: flags = 0xc4
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK#1c: flags = 0xc4
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK-UKDC3#20: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK#1b: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK-UKDC3#03: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK#1e: flags = 0xc4
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
NSUK#1d: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
^A^B__MSBROWSE__^B#01: flags = 0xc4
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
ADMINDK#03: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:parse_node_status(185)
ADMINMS#03: flags = 0x44
[2008/10/22 16:51:35, 10] libsmb/namequery.c:name_status_find(342)
name_status_find: name found, name NSUK-UKDC3 ip address is 10.191.2.29
[2008/10/22 16:51:35, 3] libsmb/namequery_dc.c:rpc_dc_name(194)
rpc_dc_name: Returning DC NSUK-UKDC3 (10.191.2.29) for domain NSUK
[2008/10/22 16:51:35, 5] libads/ldap.c:ads_try_connect(180)
ads_try_connect: sending CLDAP request to nsuk-ukdc3.uk.nsc.com (realm:
NSUK.NSC.COM)
[2008/10/22 16:51:38, 3] lib/util.c:interpret_addr(1332)
sys_gethostbyname: Unknown host. nsuk-ukdc3.uk.nsc.com
[2008/10/22 16:51:38, 1] libads/cldap.c:recv_cldap_netlogon(219)
no reply received to cldap netlogon
[2008/10/22 16:51:38, 3] libads/ldap.c:ads_try_connect(189)
ads_try_connect: CLDAP request nsuk-ukdc3.uk.nsc.com failed.
[2008/10/22 16:51:38, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:38, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:38, 6] libads/ldap.c:ads_find_dc(294)
ads_find_dc: looking for realm 'NSUK.NSC.COM'
[2008/10/22 16:51:38, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name NSUK.NSC.COM (sitename
NULL) using [ads]
[2008/10/22 16:51:38, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = SAF/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:38, 5] libsmb/namequery.c:saf_fetch(133)
saf_fetch: failed to find server for "NSUK.NSC.COM" domain
[2008/10/22 16:51:38, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: ", 10.191.2.29"
[2008/10/22 16:51:38, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:38, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:38, 10]
libsmb/conncache.c:check_negative_conn_cache_timeout(86)
check_negative_conn_cache: returning negative entry for NSUK.NSC.COM,
10.191.2.29
[2008/10/22 16:51:38, 5] libsmb/namequery.c:get_dc_list(1585)
get_dc_list: negative entry 10.191.2.29 removed from DC list
[2008/10/22 16:51:38, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 0 ip addresses in an ordered list
[2008/10/22 16:51:38, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list:
[2008/10/22 16:51:38, 6] libads/ldap.c:ads_find_dc(294)
ads_find_dc: looking for domain 'NSUK.NSC.COM'
[2008/10/22 16:51:38, 8] libsmb/namequery.c:get_sorted_dc_list(1644)
get_sorted_dc_list: attempting lookup for name NSUK.NSC.COM (sitename
NULL) using [lmhosts wins host bcast]
[2008/10/22 16:51:38, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = SAF/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:38, 5] libsmb/namequery.c:saf_fetch(133)
saf_fetch: failed to find server for "NSUK.NSC.COM" domain
[2008/10/22 16:51:38, 3] libsmb/namequery.c:get_dc_list(1495)
get_dc_list: preferred server list: ", 10.191.2.29"
[2008/10/22 16:51:38, 10] lib/gencache.c:gencache_get(212)
Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.COM couldn't be found
[2008/10/22 16:51:38, 5] libads/dns.c:sitename_fetch(706)
sitename_fetch: No stored sitename for NSUK.NSC.COM
[2008/10/22 16:51:38, 10]
libsmb/conncache.c:check_negative_conn_cache_timeout(86)
check_negative_conn_cache: returning negative entry for NSUK.NSC.COM,
10.191.2.29
[2008/10/22 16:51:38, 5] libsmb/namequery.c:get_dc_list(1585)
get_dc_list: negative entry 10.191.2.29 removed from DC list
[2008/10/22 16:51:38, 4] libsmb/namequery.c:get_dc_list(1605)
get_dc_list: returning 0 ip addresses in an unordered list
[2008/10/22 16:51:38, 4] libsmb/namequery.c:get_dc_list(1606)
get_dc_list:
[2008/10/22 16:51:38, 0] utils/net_ads.c:ads_startup_int(286)
ads_connect: No logon servers
[2008/10/22 16:51:38, 1] utils/net_ads.c:net_ads_join(1470)
error on ads_startup: No logon servers
[2008/10/22 16:51:38, 10] intl/lang_tdb.c:lang_tdb_init(138)
lang_tdb_init: /usr/lib/samba/en_US.UTF-8.msg: No such file or directory
Failed to join domain: No logon servers
[2008/10/22 16:51:38, 2] utils/net.c:main(1075)
return code = -1
More information about the samba
mailing list