[Samba] Core dump trying to join domain on FreeBSD
Christian Ullrich
chris at chrullrich.net
Sun Dec 30 11:02:39 MST 2012
Hello all,
I have been trying for a while now to join a FreeBSD machine to an
existing AD domain, using Samba 3.6. What happens is this:
[root at infra1 ~]# net ads join -U Administrator at MY.REALM
Enter Administrator at MY.REALM's password:
net: sha1 checksum failed
Abort trap: 6 (Speicherabzug geschrieben)
I can see the newly created computer object in AD, and it does not make
a difference when I create it manually before trying the join. kinit
works (but contrary to documentation, "net ads join" does not
automatically use the kinit'ed user for authentication).
Samba is version 3.6.9, Kerberos is heimdal 1.5.2. I have the exact same
problem on both FreeBSD 8 and 9.
I suspect this is actually caused by some setting on the DC, but I
cannot figure out which. The last lines in the output of
net -d 5 ads join -U Administrator at MY.REALM
are:
rpc_api_pipe: host dc2.my.domain
rpc_read_send: data_to_read: 32
sitename_fetch: Returning sitename for MY.REALM: "MySiteName"
name dc2.my.domain#20 found.
ads_try_connect: sending CLDAP request to xxx.yyy.zzz.12 (realm: my.domain)
Successfully contacted LDAP server xxx.yyy.zzz.12
Connected to LDAP server dc2.my.domain
time offset is 0 seconds
Found SASL mechanism GSS-SPNEGO
ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2.3
ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
ads_sasl_spnego_bind: got server principal name =
not_defined_in_RFC4178 at please_ignore
net: sha1 checksum failed
I have tried getting a backtrace, but I only get garbage from both the
core dump and when I run the program in gdb directly. If anyone could
give me a hint how to get a meaningful backtrace, I would very much
appreciate it. I have already built Samba, heimdal and the system libc
with debug symbols, but the only effect was that, instead of 20 lines of
backtrace with unlikely addresses, now I get only three followed by
"Error accessing memory, bad address".
--
Christian
More information about the samba
mailing list