[Samba] Solaris 11 can't join Active Directory Domain
İhsan Doğan
ihsan at dogan.ch
Fri Feb 8 04:02:39 MST 2013
Hi,
On 02/06/2013 11:46 AM, Andrew Bartlett wrote:
>> I'm running a Active Directory domain on Samba 4.0.1 and I'm trying to
>> join a Solaris 11 machine this domain:
>>
>> # smbadm join -u Administrator DOMAIN
>> After joining DOMAIN the smb service will be restarted automatically.
>> Would you like to continue? [no]: yes
>> Enter domain password:
>> Locating DC in DOMAIN ... this may take a minute ...
>> Joining DOMAIN ... this may take a minute ...
>> failed to join DOMAIN: UNSUCCESSFUL
>> Please refer to the system log for more information.
>>
>> In /var/adm/messages:
>> Jan 30 21:33:34 host smbd[827]: [ID 232655 daemon.notice] ldap_modify:
>> Insufficient access
>> Jan 30 21:33:34 host smbd[827]: [ID 702911 daemon.notice] Workstation
>> trust account update failed
>>
>> Windows 7 clients are able to join, but Solaris 11 fails.
>>
>> Kerberos seems to be fine:
>> # kinit oskar
>> Password for oskar at DOMAIN.COM:
>> Warning: Your password will expire in 41 days on Wed Mar 13 19:44:52 2013
>>
>> But if I run it for Administrator:
>> # kinit Administrator
>> Password for Administrator at DOMAIN.COM:
>> Warning: Your password will expire in 41 days on Wed Mar 13 18:36:46 2013
>> kinit: no ktkt_warnd warning possible
>>
>> Any idea what is going wrong here?
>
> Does this work against a freshly provisioned Samba 4.0.3 domain?
>
> We fixed a lot of ACL related things with that release.
Haven't tried. I'm running the AD now on a 2008R2 server.
Ihsan
--
ihsan at dogan.ch http://blog.dogan.ch/
More information about the samba
mailing list