[Samba] Not able to join domain using ads and target IP
Hari Naresh Rawat
rawat.hari25 at gmail.com
Mon Feb 23 04:35:23 MST 2015
i am not able to join the domain using ads and target ip ( net ads
join –S <domain
controller ip> –U <username> ).
I am getting below error.
*net ads join -S 172.17.100.97 -U administrator*
*Enter administrator's password:*
*kinit succeeded but ads_sasl_spnego_krb5_bind failed: Server not found in
Kerberos database*
*Failed to join domain: failed to connect to AD: Server not found in
Kerberos database*
*[root at ESX2VMTKRHEL2 ~]#*
However i am able to join the domain using either rpc in place of ads or by
specifying domain controller name in place of domain controller ip .
This seems to be a samba bug 6502 (
https://bugzilla.samba.org/show_bug.cgi?id=6502#c0) which is in NEW state
on samba 3.0 and i am using 3.6 as shown below.
[root at ESX2VMTKRHEL2 ~]#
[root at ESX2VMTKRHEL2 ~]# smbstatus --version
Version 3.6.23-12.el6
[root at ESX2VMTKRHEL2 ~]#
So please help.
####################The content of krb5.conf & smb.conf is as below
+++++++++++++++
/etc/krb5.conf
==============
[root at ESX2VMTKRHEL2 ~]# vi /etc/krb5.conf
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = HARI.COM
dns_lookup_realm = true
dns_lookup_kdc = true
[realms]
HARI.COM = {
kdc = WIN-08U8DKU3EV3.HARI.com:88
}
[domain_realm]
.hari.com = HARI.COM
hari.com = HARI.COM
/etc/samba/smb.conf
===================
[root at ESX2VMTKRHEL2 ~]# hostname
ESX2VMTKRHEL2
[root at ESX2VMTKRHEL2 ~]# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:0C:29:1F:8E:5B
inet addr:172.17.100.96 Bcast:172.17.100.255 Mask:255.255.255.0
inet6 addr: fe80::20c:29ff:fe1f:8e5b/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4397729 errors:0 dropped:0 overruns:0 frame:0
TX packets:1135336 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4284194888 (3.9 GiB) TX bytes:192947542 (184.0 MiB)
[root at ESX2VMTKRHEL2 ~]#
[root at ESX2VMTKRHEL2 ~]# vi /etc/samba/smb.conf
# setsebool -P samba_export_all_rw on
#
#======================= Global Settings
=====================================
[global]
netbios name = ESX2VMTKRHEL2
server string = Samba Domain Member Server
workgroup = HARI
security = ADS
realm = HARI.COM
dedicated keytab file = /etc/krb5.keytab
kerberos method = secrets and keytab
preferred master = no
encrypt passwords = yes
winbind separator = +
idmap config *:backend = tdb
idmap config *:range = 2000-9999
idmap config HARI:backend = ad
idmap config HARI:schema_mode = rfc2307
idmap config HARI:range = 10000-99999
winbind nss info = rfc2307
winbind trusted domains only = no
winbind use default domain = yes
winbind enum users = yes
winbind enum groups = yes
winbind refresh tickets = Yes
#logging
log file = /var/log/samba/%m.log
max log size = 10240
#============================ Share Definitions
=============================
[public]
path = /public
browseable = yes
writeable = yes
guest ok = yes
[share80]
comment = share80
path = /mnt/share80
public = No
read only = No
writable = Yes
printable = No
browseable = Yes
create mask = 0777
directory mask = 0777
**********************************************************************************************************
Thanks,
Hari
More information about the samba
mailing list