[Samba] set up for Active Directory

McGranahan, Jamen jamen.mcgranahan at Vanderbilt.Edu
Wed Apr 15 13:23:58 GMT 2009 

Actually, I get results for LDAP, ADS, KRB, & WINBIND, which is why I
thought this would work:

# smbd -b|grep LDAP
   HAVE_LDAP_H
   HAVE_LDAP
   HAVE_LDAP_ADD_RESULT_ENTRY
   HAVE_LDAP_INIT
   HAVE_LDAP_INITIALIZE
   HAVE_LDAP_SASL_WRAPPING
   HAVE_LDAP_SET_REBIND_PROC
   HAVE_LIBLDAP
   LDAP_SET_REBIND_PROC_ARGS
# smbd -b|grep KRB
   HAVE_KRB5_H
   HAVE_KRB5_LOCATE_PLUGIN_H
   HAVE_ADDRTYPE_IN_KRB5_ADDRESS
   HAVE_INITIALIZE_KRB5_ERROR_TABLE
   HAVE_KRB5
   HAVE_KRB5_AUTH_CON_SETUSERUSERKEY
   HAVE_KRB5_AUTH_CON_SET_REQ_CKSUMTYPE
   HAVE_KRB5_C_ENCTYPE_COMPARE
   HAVE_KRB5_C_VERIFY_CHECKSUM
   HAVE_KRB5_ENCRYPT_BLOCK
   HAVE_KRB5_ENCRYPT_DATA
   HAVE_KRB5_ENCTYPE_TO_STRING
   HAVE_KRB5_ENCTYPE_TO_STRING_WITH_SIZE_T_ARG
   HAVE_KRB5_FREE_DATA_CONTENTS
   HAVE_KRB5_FREE_KEYTAB_ENTRY_CONTENTS
   HAVE_KRB5_FREE_UNPARSED_NAME
   HAVE_KRB5_FWD_TGT_CREDS
   HAVE_KRB5_GET_INIT_CREDS_OPT_ALLOC
   HAVE_KRB5_GET_INIT_CREDS_OPT_FREE
   HAVE_KRB5_GET_PERMITTED_ENCTYPES
   HAVE_KRB5_GET_RENEWED_CREDS
   HAVE_KRB5_KEYBLOCK_IN_CREDS
   HAVE_KRB5_KEYTAB_ENTRY_KEY
   HAVE_KRB5_KEYUSAGE_APP_DATA_CKSUM
   HAVE_KRB5_KT_FREE_ENTRY
   HAVE_KRB5_LOCATE_KDC
   HAVE_KRB5_MK_REQ_EXTENDED
   HAVE_KRB5_PRINCIPAL2SALT
   HAVE_KRB5_PRINC_COMPONENT
   HAVE_KRB5_PRINC_REALM
   HAVE_KRB5_SET_DEFAULT_TGS_ENCTYPES
   HAVE_KRB5_SET_DEFAULT_TGS_KTYPES
   HAVE_KRB5_SET_REAL_TIME
   HAVE_KRB5_STRING_TO_KEY
   HAVE_KRB5_TKT_ENC_PART2
   HAVE_KRB5_USE_ENCTYPE
   HAVE_KRB5_VERIFY_CHECKSUM
   HAVE_LIBGSSAPI_KRB5
   HAVE_LIBKRB5
   HAVE_MAGIC_IN_KRB5_ADDRESS
   HAVE_SHORT_KRB5_MK_ERROR_INTERFACE
   HAVE_TICKET_POINTER_IN_KRB5_AP_REQ
   KRB5_CREDS_OPT_FREE_REQUIRES_CONTEXT
   KRB5_TICKET_HAS_KEYINFO
   KRB5_VERIFY_CHECKSUM_ARGS
# smbd -b|grep ADS
   WITH_ADS
   WITH_ADS
# smbd -b|grep WINBIND
   WITH_WINBIND
   WITH_WINBIND



Jamen McGranahan
Systems Services Librarian
Vanderbilt University


-----Original Message-----
From: jerry [mailto:jerry at samba.org] 
Sent: Tuesday, April 14, 2009 1:15 PM
To: McGranahan, Jamen
Cc: samba at lists.samba.org
Subject: Re: [Samba] set up for Active Directory

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

McGranahan, Jamen wrote:
> OK, I've installed the MIT version of KRB5 & samba appears to have
> installed correctly. However, it appears that I am not able to join my
> domain.

If `smbd -b | WITH_ADS` returns nothing, then you don't have
ADS support (as the long indicates).  You're last email
was about insufficient ldap_initialize support.  SO did you
install the OpenLDAP client libs?

> # ./net ads join -U mcgranj at DS.VANDERBILT.EDU
> [2009/04/14 11:36:50,  0] param/loadparm.c:lp_set_enum_parm(7097)
>   WARNING: Ignoring invalid value 'ADS' for parameter 'security'
> [2009/04/14 11:36:50,  0] param/loadparm.c:lp_do_parameter(7174)
>   Ignoring unknown parameter "realm"
> ADS support not compiled in





cheers, jerry
- --
=====================================================================
http://git.plainjoe.org/                                         CODE
"What man is a man who does not make the world better?"      --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFJ5NKcIR7qMdg1EfYRAlLBAJ9YXh9Gw7z3SzosvYx25m6mNtVw3gCfXlPX
B9ic6Qk7LsQEzWm8B++6KP4=
=IIK5
-----END PGP SIGNATURE-----

More information about the samba mailing list