[Samba] I can't join the new AD server with Samba4
Daniel Carrasco Marín
danielmadrid19 at gmail.com
Sat Apr 25 07:02:01 MDT 2015
Sorry, I forgot to revert another test i did, but the result is the same:
---------------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------------
sudo net ads join -U "Administrator" -d 5
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
lp_load_ex: refreshing parameters
Initialising global parameters
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
INFO: Current debug levels:
all: 5
tdb: 5
printdrivers: 5
lanman: 5
smb: 5
rpc_parse: 5
rpc_srv: 5
rpc_cli: 5
passdb: 5
sam: 5
auth: 5
winbind: 5
vfs: 5
idmap: 5
quota: 5
acls: 5
locking: 5
msdfs: 5
dmapi: 5
registry: 5
scavenger: 5
dns: 5
ldb: 5
params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf"
Processing section "[global]"
doing parameter workgroup = TTU
doing parameter security = ADS
doing parameter realm = TTU.RED
doing parameter dedicated keytab file = /etc/krb5.keytab
doing parameter kerberos method = secrets and keytab
doing parameter idmap config *:backend = tdb
doing parameter idmap config *:range = 2000-9999
doing parameter idmap config TTU:backend = ad
doing parameter idmap config TTU:schema_mode = rfc2307
doing parameter idmap config TTU:range = 10000-99999
doing parameter winbind nss info = rfc2307
doing parameter winbind trusted domains only = no
doing parameter winbind use default domain = yes
doing parameter winbind enum users = yes
doing parameter winbind enum groups = yes
doing parameter winbind refresh tickets = Yes
doing parameter winbind expand groups = 4
doing parameter winbind normalize names = Yes
doing parameter domain master = no
doing parameter local master = no
doing parameter vfs objects = acl_xattr
doing parameter map acl inherit = Yes
doing parameter store dos attributes = Yes
pm_process() returned Yes
Netbios name list:-
my_netbios_names[0]="GLOTON"
added interface eth1 ip=172.30.0.230 bcast=172.30.0.255
netmask=255.255.255.0
added interface eth0 ip=192.168.2.230 bcast=192.168.2.255
netmask=255.255.255.0
Registering messaging pointer for type 2 - private_data=(nil)
Registering messaging pointer for type 9 - private_data=(nil)
Registered MSG_REQ_POOL_USAGE
Registering messaging pointer for type 11 - private_data=(nil)
Registering messaging pointer for type 12 - private_data=(nil)
Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
Registering messaging pointer for type 1 - private_data=(nil)
Registering messaging pointer for type 5 - private_data=(nil)
Enter Administrator's password:
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
in: struct libnet_JoinCtx
dc_name : NULL
machine_name : 'GLOTON'
domain_name : *
domain_name : 'TTU.RED'
account_ou : NULL
admin_account : 'Administrator'
machine_password : NULL
join_flags : 0x00000023 (35)
0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
0: WKSSVC_JOIN_FLAGS_DEFER_SPN
0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
os_version : NULL
os_name : NULL
create_upn : 0x00 (0)
upn : NULL
modify_config : 0x00 (0)
ads : NULL
debug : 0x01 (1)
use_kerberos : 0x00 (0)
secure_channel_type : SEC_CHAN_WKSTA (2)
Opening cache file at /var/cache/samba/gencache.tdb
Opening cache file at /var/run/samba/gencache_notrans.tdb
sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
ads_dns_lookup_srv: 1 records returned in the answer section.
sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
name pdc.ttu.red#20 found.
Connecting to 192.168.2.251 at port 445
Socket options:
SO_KEEPALIVE = 0
SO_REUSEADDR = 0
SO_BROADCAST = 0
TCP_NODELAY = 1
TCP_KEEPCNT = 9
TCP_KEEPIDLE = 7200
TCP_KEEPINTVL = 75
IPTOS_LOWDELAY = 0
IPTOS_THROUGHPUT = 0
SO_SNDBUF = 24040
SO_RCVBUF = 87380
SO_SNDLOWAT = 1
SO_RCVLOWAT = 1
SO_SNDTIMEO = 0
SO_RCVTIMEO = 0
TCP_QUICKACK = 1
TCP_DEFER_ACCEPT = 0
Doing spnego session setup (blob length=96)
got OID=1.2.840.48018.1.2.2
got OID=1.2.840.113554.1.2.2
got OID=1.3.6.1.4.1.311.2.2.10
got principal=not_defined_in_RFC4178 at please_ignore
Got challenge flags:
Got NTLMSSP neg_flags=0x60898215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_TARGET_INFO
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP: Set final flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
NTLMSSP Sign/Seal - Initialising with flags:
Got NTLMSSP neg_flags=0x60088215
NTLMSSP_NEGOTIATE_UNICODE
NTLMSSP_REQUEST_TARGET
NTLMSSP_NEGOTIATE_SIGN
NTLMSSP_NEGOTIATE_NTLM
NTLMSSP_NEGOTIATE_ALWAYS_SIGN
NTLMSSP_NEGOTIATE_NTLM2
NTLMSSP_NEGOTIATE_128
NTLMSSP_NEGOTIATE_KEY_EXCH
Bind RPC Pipe: host pdc.ttu.red auth_type 0, auth_level 1
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 52
check_bind_response: accepted!
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 168
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
saf_fetch[join]: Returning "pdc.ttu.red" for "ttu.red" domain
get_dc_list: preferred server list: "pdc.ttu.red, *"
name ttu.red#1C found.
sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
name pdc.ttu.red#20 found.
get_dc_list: returning 1 ip addresses in an ordered list
get_dc_list: 192.168.2.251:389
create_local_private_krb5_conf_for_domain: wrote file
/var/run/samba/smb_krb5/krb5.conf.TTU with realm TTU.RED KDC list =
kdc = 192.168.2.251
Bind RPC Pipe: host pdc.ttu.red auth_type 0, auth_level 1
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 52
check_bind_response: accepted!
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 40
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 44
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 12
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 12
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
rpc_api_pipe: host pdc.ttu.red
rpc_read_send: data_to_read: 32
check lock order 1 for /var/lib/samba/private/secrets.tdb
release lock order 1 for /var/lib/samba/private/secrets.tdb
check lock order 1 for /var/lib/samba/private/secrets.tdb
release lock order 1 for /var/lib/samba/private/secrets.tdb
check lock order 1 for /var/lib/samba/private/secrets.tdb
release lock order 1 for /var/lib/samba/private/secrets.tdb
check lock order 1 for /var/lib/samba/private/secrets.tdb
release lock order 1 for /var/lib/samba/private/secrets.tdb
check lock order 1 for /var/lib/samba/private/secrets.tdb
release lock order 1 for /var/lib/samba/private/secrets.tdb
sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
name pdc.ttu.red#20 found.
ads_try_connect: sending CLDAP request to 192.168.2.251 (realm: ttu.red)
Successfully contacted LDAP server 192.168.2.251
Connected to LDAP server pdc.ttu.red
KDC time offset is 0 seconds
Found SASL mechanism GSS-SPNEGO
ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
ads_sasl_spnego_bind: got server principal name =
not_defined_in_RFC4178 at please_ignore
ads_krb5_mk_req: krb5_cc_get_principal failed (No existe el fichero o el
directorio)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration dom,
26 abr 2015 00:59:09 CEST
kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
libnet_Join:
libnet_JoinCtx: struct libnet_JoinCtx
out: struct libnet_JoinCtx
account_name : NULL
netbios_domain_name : 'TTU'
dns_domain_name : 'ttu.red'
forest_name : 'ttu.red'
dn : NULL
domain_sid : *
domain_sid :
S-1-5-21-127850397-371183867-665961664
modified_config : 0x00 (0)
error_string : 'failed to connect to AD: Invalid
credentials'
domain_is_ad : 0x01 (1)
result : WERR_GENERAL_FAILURE
Failed to join domain: failed to connect to AD: Invalid credentials
return code = -1
---------------------------------------------------------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------------------------------------------------------
Greetings!!
2015-04-25 14:52 GMT+02:00 Rowland Penny <rowlandpenny at googlemail.com>:
> On 25/04/15 13:27, Daniel Carrasco Marín wrote:
>
>> Hi, I'm sorry for my english.
>>
>> i've migrated an old 3.6 samba domain to Samba 4.1 and the windows part is
>> working fine (i can join and manage the server from a Windows Machine),
>> but
>> when I try to join the domain from another linux server it fails.
>>
>> I've followed this guide to migrate:
>>
>> https://wiki.samba.org/index.php/Samba_Classic_Upgrade_%28NT4-style_domain_to_AD%29
>>
>> and this for join:
>> https://wiki.samba.org/index.php/Setup_a_Samba_AD_Member_Server
>>
>> Mi config file looks like the guide
>>
>
> From what you have posted, your smb.conf doesn't seem to look anything
> like the one on the member server page:
>
> [global]
> security = domain
> workgroup = TTU
> realm = ttu.red
> wins server = 192.168.2.251
> server role = standalone server
> passdb backend = tdbsam
> domain master = no
> server string = Print Server
> encrypt passwords = yes
> winbind nss info = rfc2307
> winbind enum users = Yes
> winbind enum groups = Yes
> winbind use default domain = Yes
> winbind refresh tickets = Yes
> winbind normalize names = yes
> idmap config TTU : backend = ad
> idmap config * : backend = tdb
> idmap config * : range = 1000-20000000
>
> There is also this:
>
> params.c:Parameter() - Ignoring badly formed line in configuration file:
> rfc2307
>
> Rowland
>
>
> and the join command shows:
>> -----------------------------------------------------------------------
>> -----------------------------------------------------------------------
>> # net ads join -UAdministrator -d 5
>> INFO: Current debug levels:
>> all: 5
>> tdb: 5
>> printdrivers: 5
>> lanman: 5
>> smb: 5
>> rpc_parse: 5
>> rpc_srv: 5
>> rpc_cli: 5
>> passdb: 5
>> sam: 5
>> auth: 5
>> winbind: 5
>> vfs: 5
>> idmap: 5
>> quota: 5
>> acls: 5
>> locking: 5
>> msdfs: 5
>> dmapi: 5
>> registry: 5
>> scavenger: 5
>> dns: 5
>> ldb: 5
>> lp_load_ex: refreshing parameters
>> Initialising global parameters
>> rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
>> INFO: Current debug levels:
>> all: 5
>> tdb: 5
>> printdrivers: 5
>> lanman: 5
>> smb: 5
>> rpc_parse: 5
>> rpc_srv: 5
>> rpc_cli: 5
>> passdb: 5
>> sam: 5
>> auth: 5
>> winbind: 5
>> vfs: 5
>> idmap: 5
>> quota: 5
>> acls: 5
>> locking: 5
>> msdfs: 5
>> dmapi: 5
>> registry: 5
>> scavenger: 5
>> dns: 5
>> ldb: 5
>> params.c:pm_process() - Processing configuration file
>> "/etc/samba/smb.conf"
>> params.c:Parameter() - Ignoring badly formed line in configuration file:
>> rfc2307[global]
>> doing parameter security = domain
>> doing parameter workgroup = TTU
>> doing parameter realm = ttu.red
>> doing parameter wins server = 192.168.2.251
>> doing parameter server role = standalone server
>> doing parameter passdb backend = tdbsam
>> doing parameter domain master = no
>> doing parameter server string = Print Server
>> doing parameter encrypt passwords = yes
>> doing parameter winbind nss info = rfc2307
>> doing parameter winbind enum users = Yes
>> doing parameter winbind enum groups = Yes
>> doing parameter winbind use default domain = Yes
>> doing parameter winbind refresh tickets = Yes
>> doing parameter winbind normalize names = yes
>> doing parameter idmap config TTU : backend = ad
>> doing parameter idmap config * : backend = tdb
>> doing parameter idmap config * : range = 1000-20000000
>> pm_process() returned Yes
>> Netbios name list:-
>> my_netbios_names[0]="GLOTON"
>> added interface eth1 ip=172.30.0.230 bcast=172.30.0.255
>> netmask=255.255.255.0
>> added interface eth0 ip=192.168.2.230 bcast=192.168.2.255
>> netmask=255.255.255.0
>> Registering messaging pointer for type 2 - private_data=(nil)
>> Registering messaging pointer for type 9 - private_data=(nil)
>> Registered MSG_REQ_POOL_USAGE
>> Registering messaging pointer for type 11 - private_data=(nil)
>> Registering messaging pointer for type 12 - private_data=(nil)
>> Registered MSG_REQ_DMALLOC_MARK and LOG_CHANGED
>> Registering messaging pointer for type 1 - private_data=(nil)
>> Registering messaging pointer for type 5 - private_data=(nil)
>> Enter Administrator's password:
>> libnet_Join:
>> libnet_JoinCtx: struct libnet_JoinCtx
>> in: struct libnet_JoinCtx
>> dc_name : NULL
>> machine_name : 'GLOTON'
>> domain_name : *
>> domain_name : 'TTU.RED'
>> account_ou : NULL
>> admin_account : 'Administrator'
>> machine_password : NULL
>> join_flags : 0x00000023 (35)
>> 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS
>> 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME
>> 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT
>> 0: WKSSVC_JOIN_FLAGS_DEFER_SPN
>> 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED
>> 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE
>> 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED
>> 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE
>> 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE
>> 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE
>> 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE
>> os_version : NULL
>> os_name : NULL
>> create_upn : 0x00 (0)
>> upn : NULL
>> modify_config : 0x00 (0)
>> ads : NULL
>> debug : 0x01 (1)
>> use_kerberos : 0x00 (0)
>> secure_channel_type : SEC_CHAN_WKSTA (2)
>> Opening cache file at /var/cache/samba/gencache.tdb
>> Opening cache file at /var/run/samba/gencache_notrans.tdb
>> sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
>> ads_dns_lookup_srv: 1 records returned in the answer section.
>> sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
>> no entry for pdc.ttu.red#20 found.
>> resolve_lmhosts: Attempting lmhosts lookup for name pdc.ttu.red<0x20>
>> resolve_lmhosts: Attempting lmhosts lookup for name pdc.ttu.red<0x20>
>> startlmhosts: Can't open lmhosts file /etc/samba/lmhosts. Error was No
>> existe el fichero o el directorio
>> wins_srv_is_dead: 192.168.2.251 is alive
>> resolve_wins: using WINS server 192.168.2.251 and tag '*'
>> samba_tevent: EPOLL_CTL_DEL EBADF for fde[0x7fcb85f853b0] mpx_fde[(nil)]
>> fd[13] - disabling
>> wins_srv_is_dead: 192.168.2.251 is alive
>> Marking wins server 192.168.2.251 dead for 600 seconds from source
>> 192.168.2.251
>> resolve_hosts: Attempting host lookup for name pdc.ttu.red<0x20>
>> namecache_store: storing 1 address for pdc.ttu.red#20: 192.168.2.251
>> Connecting to 192.168.2.251 at port 445
>> Socket options:
>> SO_KEEPALIVE = 0
>> SO_REUSEADDR = 0
>> SO_BROADCAST = 0
>> TCP_NODELAY = 1
>> TCP_KEEPCNT = 9
>> TCP_KEEPIDLE = 7200
>> TCP_KEEPINTVL = 75
>> IPTOS_LOWDELAY = 0
>> IPTOS_THROUGHPUT = 0
>> SO_SNDBUF = 24040
>> SO_RCVBUF = 87380
>> SO_SNDLOWAT = 1
>> SO_RCVLOWAT = 1
>> SO_SNDTIMEO = 0
>> SO_RCVTIMEO = 0
>> TCP_QUICKACK = 1
>> TCP_DEFER_ACCEPT = 0
>> Doing spnego session setup (blob length=96)
>> got OID=1.2.840.48018.1.2.2
>> got OID=1.2.840.113554.1.2.2
>> got OID=1.3.6.1.4.1.311.2.2.10
>> got principal=not_defined_in_RFC4178 at please_ignore
>> Got challenge flags:
>> Got NTLMSSP neg_flags=0x60898215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_TARGET_INFO
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP: Set final flags:
>> Got NTLMSSP neg_flags=0x60088215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> NTLMSSP Sign/Seal - Initialising with flags:
>> Got NTLMSSP neg_flags=0x60088215
>> NTLMSSP_NEGOTIATE_UNICODE
>> NTLMSSP_REQUEST_TARGET
>> NTLMSSP_NEGOTIATE_SIGN
>> NTLMSSP_NEGOTIATE_NTLM
>> NTLMSSP_NEGOTIATE_ALWAYS_SIGN
>> NTLMSSP_NEGOTIATE_NTLM2
>> NTLMSSP_NEGOTIATE_128
>> NTLMSSP_NEGOTIATE_KEY_EXCH
>> Bind RPC Pipe: host pdc.ttu.red auth_type 0, auth_level 1
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 52
>> check_bind_response: accepted!
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 168
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> saf_fetch[join]: Returning "pdc.ttu.red" for "ttu.red" domain
>> get_dc_list: preferred server list: "pdc.ttu.red, *"
>> no entry for ttu.red#1C found.
>> resolve_ads: Attempting to resolve KDCs for ttu.red using DNS
>> ads_dns_lookup_srv: 1 records returned in the answer section.
>> sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
>> name pdc.ttu.red#20 found.
>> get_dc_list: returning 2 ip addresses in an ordered list
>> get_dc_list: 192.168.2.251:0 192.168.2.251:88
>> create_local_private_krb5_conf_for_domain: wrote file
>> /var/run/samba/smb_krb5/krb5.conf.TTU with realm TTU.RED KDC list =
>> kdc = 192.168.2.251
>>
>> Bind RPC Pipe: host pdc.ttu.red auth_type 0, auth_level 1
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 52
>> check_bind_response: accepted!
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 40
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 44
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 12
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 12
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> rpc_api_pipe: host pdc.ttu.red
>> rpc_read_send: data_to_read: 32
>> check lock order 1 for /var/lib/samba/private/secrets.tdb
>> release lock order 1 for /var/lib/samba/private/secrets.tdb
>> check lock order 1 for /var/lib/samba/private/secrets.tdb
>> release lock order 1 for /var/lib/samba/private/secrets.tdb
>> check lock order 1 for /var/lib/samba/private/secrets.tdb
>> release lock order 1 for /var/lib/samba/private/secrets.tdb
>> check lock order 1 for /var/lib/samba/private/secrets.tdb
>> release lock order 1 for /var/lib/samba/private/secrets.tdb
>> check lock order 1 for /var/lib/samba/private/secrets.tdb
>> release lock order 1 for /var/lib/samba/private/secrets.tdb
>> sitename_fetch: Returning sitename for TTU.RED: "Default-First-Site-Name"
>> name pdc.ttu.red#20 found.
>> ads_try_connect: sending CLDAP request to 192.168.2.251 (realm: ttu.red)
>> Successfully contacted LDAP server 192.168.2.251
>> Connected to LDAP server pdc.ttu.red
>> KDC time offset is 0 seconds
>> Found SASL mechanism GSS-SPNEGO
>> ads_sasl_spnego_bind: got OID=1.2.840.48018.1.2.2
>> ads_sasl_spnego_bind: got OID=1.2.840.113554.1.2.2
>> ads_sasl_spnego_bind: got OID=1.3.6.1.4.1.311.2.2.10
>> ads_sasl_spnego_bind: got server principal name =
>> not_defined_in_RFC4178 at please_ignore
>> ads_krb5_mk_req: krb5_cc_get_principal failed (No existe el fichero o el
>> directorio)
>> ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
>> dom,
>> 26 abr 2015 00:04:50 CEST
>> kinit succeeded but ads_sasl_spnego_krb5_bind failed: Invalid credentials
>> libnet_Join:
>> libnet_JoinCtx: struct libnet_JoinCtx
>> out: struct libnet_JoinCtx
>> account_name : NULL
>> netbios_domain_name : 'TTU'
>> dns_domain_name : 'ttu.red'
>> forest_name : 'ttu.red'
>> dn : NULL
>> domain_sid : *
>> domain_sid :
>> S-1-5-21-127850397-371183867-665961664
>> modified_config : 0x00 (0)
>> error_string : 'failed to connect to AD: Invalid
>> credentials'
>> domain_is_ad : 0x01 (1)
>> result : WERR_GENERAL_FAILURE
>> Failed to join domain: failed to connect to AD: Invalid credentials
>> return code = -1
>> -----------------------------------------------------------------------
>> -----------------------------------------------------------------------
>>
>> I've tried commands like:
>> smbclient -L 192.168.2.251 -U%
>> kinit administrator@ <administrator at CASA.RED>TTU.RED
>> klist -c
>>
>> All are workign.
>> I've tried to create a test domain instead upgrade, with same config and
>> join ads is working... ¿can be the upgrade progress?
>>
>> Thanks!!
>>
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba
mailing list