[Samba] net ads join -U syntax

Zottel tNimphy at web.de
Mon Mar 23 13:06:29 GMT 2009

I try to join a Samba 3.2 server on RHEL 4 to AD using

net ads join -d 2 -U myaccount at DOMAIN.COM

It seems that the net utility does not 'like' a full qualified userid 
any longer. I was able to join using samba v3.09 and v3.025 but with 
3.2.8 I'm only able to join submitting a plain userid (without @domain 
appended), i.e.

net ads join -d 2 -U myaccount

When joining using the 'full qualified' userid myaccount at DOMAIN.COM, I get

kerberos_kinit_password myaccount at DOMAIN.COM@SUB1.DOMAIN.COM failed: 
Malformed representation of principal

in the logs. Quite obvious, that the net utility appends the realm entry 
  from smb.conf (SUB1.DOMAIN.COM in my case) to the userid, though it 
should not, as I already provided it.

Does anybody know if this behaviour has been changed on purpose from 3.0 
to 3.2? Any workarounds that exist?
I tested with Samba 3.3.1 as well, same behaviour.

Regards .. Thomas

More information about the samba mailing list