[Samba] failed to join domain error

Benedict simon simon at kmun.gov.kw
Fri Mar 27 13:06:02 GMT 2009

Dear All,

I have succesfully managed to have my kerberos configured n working
without error when i say

kinit Administrator
and after entering password i get the # prompt
so its works fine

my krb5.conf

default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

 default_realm = BALADIA.LOCAL
 dns_lookup_kdc = false

 dns_lookup_realm = false
   default_domain = baladia.local
  kdc = xx.xx.xx.xx:88
  admin_server = xx.xx.xx.xx:749
  kdc = KMUN

baladia.local = BALADIA.LOCAL


klist shows

icket cache: FILE:/tmp/krb5cc_0
Default principal: Administrator at BALADIA.LOCAL

Valid starting     Expires            Service principal
03/26/09 11:33:04  03/26/09 21:33:18  krbtgt/BALADIA.LOCAL at BALADIA.LOCAL
        renew until 03/27/09 11:33:04

Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached


now i configured /etc/samba/smb.conf but when i try to join my Win2003 ADS
domain server

 net ads join -U Administrator
Administrator's password:
[2009/03/26 21:58:05, 0] utils/net_ads.c:ads_startup_int(286)
  ads_connect: No logon servers
Failed to join domain: No logon servers

after googling and tryin various options in /etc/samba/smb.conf file here
is the latest smb.conf file


# Generated by authconfig on 2009/03/26 12:50:28
# DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--)
# Any modification may be deleted or altered by authconfig in future

   workgroup = BALADIA.LOCAL
;   password server = kmun.baladia.local
   password server =
   security = ads
   idmap uid = 16777216-33554431
   idmap gid = 16777216-33554431
   winbind separator = +
   template shell = /bin/bash
   winbind use default domain = true
   winbind offline logon = false
   encrypt passwords = yes
  log level = 3
        encrypt passwords = yes
       dns proxy = no
       server string = Samba Server Version %v
       os level = 20
      client use spnego = no
        server signing = auto


where i could be goin wrong
i would be thankful and really apprecite your advice for any setting in my
smb.conf file

Is there anything else to check.
really once again apprecite your help and advice

when i run testparam it gives no errors

output of testparm is


[root at testproxy ~]# testparm
Load smb config files from /etc/samba/smb.conf
Processing section "[homes]"
Processing section "[printers]"
Loaded services file OK.
'winbind separator = +' might cause problems with group membership.
Press enter to see a dump of your service definitions

        workgroup = BALADIA.LOCAL
        realm = KMUN.BALADIA.LOCAL
        server string = Samba Server Version %v
        security = ADS
        password server =
        log level = 3
        server signing = auto
        client use spnego = No
        preferred master = No
        dns proxy = No
        idmap uid = 16777216-33554431
        idmap gid = 16777216-33554431
        template shell = /bin/bash
        winbind separator = +
        winbind use default domain = Yes

        comment = Home Directories
        read only = No
        browseable = No

        comment = All Printers
        path = /var/spool/samba
        printable = Yes
        browseable = No


thnks and Regards


Network ADMIN

This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

More information about the samba mailing list