[Samba] net ads join fails in Ubuntu 14.04 in AWS
Alex Slynko
Alex.Slynko at wonga.com
Wed Jul 16 03:07:46 MDT 2014
Hi all
EC2 Ubuntu 14.04 instances can't join domain. Same setup works fine for local virtual machines.
Domain processes request normally.
Kinit works fine with generated config
root at new1404:~# net ads join -U dnscreate%password -d 1
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : 'NEW1404'
domain_name : *
domain_name : 'AWS.DOMAIN.COM'
account_ou : NULL
admin_account : 'dnscreate'
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
create_upn : 0x00 (0)
upn : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x00 (0)
secure_channel_type : SEC_CHAN_WKSTA (2)
kerberos_kinit_password dnscreate at AWS.DOMAIN.COM failed: Cannot contact any KDC for requested realm
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : 'AWS'
dns_domain_name : 'aws.domain.com'
forest_name : 'domain.com'
dn : NULL
domain_sid : *
domain_sid : S-1-5-21-3703399817-2864286332-805048363
modified_config : 0x00 (0)
error_string : 'failed to connect to AD: Cannot contact any KDC for requested realm'
domain_is_ad : 0x01 (1)
result : WERR_GENERAL_FAILURE
root at new1404:~# net lookup kdc
172.30.192.5:389
172.30.192.5:88
172.30.160.5:88
Sincerely,
Alex Slynko
WDFC UK Limited. Registered in England & Wales with registered number 6374235 and registered office 88 Crawford Street, London W1H 2EJ. Authorised and regulated by the Financial Conduct Authority. Interim Permission Number 611974. Any communication sent by or on behalf of WDFC UK Limited or any of its subsidiary, holding or affiliated companies or entities (together "Wonga") is confidential and may be privileged or otherwise protected. If you receive it in error please inform us and then delete it from your system. You should not copy it or disclose its contents to anyone. Messages sent to and from Wonga may be monitored to ensure compliance with our internal policies and to protect our business. Emails are not secure and cannot be guaranteed to be error free. Anyone who communicates with us by email is taken to accept these risks.
---------------------------------------------------------------------------------------
This email has been scanned for email related threats and delivered safely by Mimecast.
For more information please visit http://www.mimecast.com
---------------------------------------------------------------------------------------
More information about the samba
mailing list