[Samba] Re: net ads join failed
Thomas Vito
shoktai at gmail.com
Thu Sep 4 15:38:44 GMT 2008
Indeed.
After a record dns creation everything works fine
2008/9/4 Hoover, Tony <hoover at sal.ksu.edu>
> It means that your primary DNS server does not support dynamic updates.
>
>
> On Thu, 2008-09-04 at 16:54 +0200, Thomas Vito wrote:
> > Apparently something is wrong with my hosts file. I have changed it and
> now
> > get a much better result:
> > [root at amsdev-dv10 ~]# net ads join -U apacci at EU.ACME.COM
> > apacci at EU.ACME.COM's password:
> > Using short domain name -- ACME
> > DNS update failed!
> > Joined 'AMSDEV-DV10' to realm 'EU.ACME.COM'
> >
> > What the dns update failed means?
> >
> >
> > 2008/9/4 Thomas Vito <shoktai at gmail.com>
> >
> > > Hi,
> > >
> > > I am trying to join a samba server to my AD directory but if fails:
> > >
> > > [root at localhost postfix]# net ads join -U apacci at ACME
> > > apacci at ACNEU's password:
> > > [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228)
> > > kerberos_kinit_password apacci at ACME failed: Cannot resolve network
> > > address for KDC in requested realm
> > > Failed to join domain: Undetermined error
> > >
> > > [root at localhost postfix]# net ads join -U apacci at EU.ACME.COM
> > > apacci at EU.ACME.COM's password:
> > > Using short domain name -- ACME
> > > Failed to set servicePrincipalNames. Please ensure that
> > > the DNS domain of this server matches the AD domain,
> > > Or rejoin with using Domain Admin credentials.
> > > Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM'
> > > Failed to join domain: Type or value exists
> > >
> > > There is no computer account named amsdev-dv10 in my directory.
> > >
> > > kinit doesn't return anything
> > > [root at localhost postfix]# kinit apacci
> > > Password for apacci at EU.ACME.COM:
> > >
> > > My resolv.conf is ok.I can ping and resolve hosts in my AD. My
> /etc/host
> > > file is basic:
> > > ::1 localhost.localdomain localhost amsdev-dv10
> > >
> > > The username is domain admin.
> > >
> > > My krb5.conf is as follow:
> > >
> > > [libdefaults]
> > > default_realm = EU.ACME.COM
> > > dns_lookup_realm = false
> > > dns_lookup_kdc = false
> > > ticket_lifetime = 24h
> > > forwardable = yes
> > >
> > > [realms]
> > >
> > > EU.ACME.COM = {
> > > kdc = amsterdam-dc02.eu.acme.com
> > > kdc = amsterdam-dc01.eu.acme.com
> > > admin_server = amsterdam-dc02.eu.acme.com
> > > master_kdc = amsterdam-dc02.eu.acme.com
> > > default_domain = eu.acme.com
> > > }
> > >
> > > [domain_realm]
> > >
> > > eu.acme.com = EU.ACME.COM
> > > .eu.acme.com = EU.ACME.COM
> > > .acme.com = EU.ACME.COM
> > > acme.com = EU.ACME.COM
> > > [kdc]
> > > profile = /etc/kdc.conf
> > >
> > > smb.conf
> > >
> > > [global]
> > >
> > > workgroup = ACME
> > > password server = 10.130.12.100
> > > realm = EU.ACME.COM
> > > security = ADS
> > > idmap uid = 16777216-33554431
> > > idmap gid = 16777216-33554431
> > > winbind separator = +
> > > template shell = /bin/false
> > > winbind use default domain = true
> > > winbind offline logon = false
> > >
> > >
> > > server string = Samba Server Version %v
> > > passdb backend = tdbsam
> > > preferred master = No
> > > wins server = 10.130.10.100
> > > ldap ssl = no
> > > winbind enum users = Yes
> > > winbind enum groups = Yes
> > >
> > > [homes]
> > > comment = Home Directories
> > > read only = No
> > > browseable = No
> > >
> > >
> > >
> > >
> > >
>
>
More information about the samba
mailing list