[Samba] Cannot join Ubuntu12.04 Samba 4.1.17 to domain

Rowland Penny rowlandpenny at googlemail.com
Thu Jun 4 02:19:03 MDT 2015 

On 03/06/15 23:54, ivenhov wrote:
> I've made all changes to 3 files you mentioned, also removed everything
> except localhost in hosts file.
> SO I have minimal smb.conf and minimal krb5 file
>
> Unfortunately error is still the same.
>
> If I try to join with full OU path I get kerberos_kinit_password
> testuser at MYNAT.MYCO.BCU failed: Cannot contact any KDC for requested realm

How are you trying to join the domain? what command are you actually using?
It seems that the KDC cannot be found, just what are you trying to join to?

All I can say is that it works for me against a samba4 AD DC

Rowland

> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          out: struct libnet_JoinCtx
>              account_name             : NULL
>              netbios_domain_name      : 'MYNAT'
>              dns_domain_name          : 'mynat.myco.bcu'
>              forest_name              : 'myco.bcu'
>              dn                       : NULL
>              domain_sid               : *
>                  domain_sid               :
> S-1-5-21-73586283-854245398-682003330
>              modified_config          : 0x00 (0)
>              error_string             : 'failed to connect to AD: Cannot
> contact any KDC for requested realm'
>              domain_is_ad             : 0x01 (1)
>              result                   : WERR_DEFAULT_JOIN_REQUIRED
> Failed to join domain: failed to connect to AD: Cannot contact any KDC for
> requested realm
> return code = -1
>
> If I try without cretecomputer
>
> kerberos_kinit_password testuser at MYNAT.MYCO.BCU failed: Cannot contact any
> KDC for requested realm
> libnet_Join:
>      libnet_JoinCtx: struct libnet_JoinCtx
>          out: struct libnet_JoinCtx
>              account_name             : NULL
>              netbios_domain_name      : 'MYNAT'
>              dns_domain_name          : 'mynat.myco.bcu'
>              forest_name              : 'myco.bcu'
>              dn                       : NULL
>              domain_sid               : *
>                  domain_sid               :
> S-1-5-21-73586283-854245398-682003330
>              modified_config          : 0x00 (0)
>              error_string             : 'failed to connect to AD: Cannot
> contact any KDC for requested realm'
>              domain_is_ad             : 0x01 (1)
>              result                   : WERR_GENERAL_FAILURE
> Failed to join domain: failed to connect to AD: Cannot contact any KDC for
> requested realm
> return code = -1
>
>
> I can get Kerberos ticket with no problems using:
> kinit myuser at MYNAT.MYCO.BCU
> klist shows valid ticket
>
> regarding services
>
> me at SERV1603:~$ sudo netstat -tulpan | grep LISTEN
> tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN
> 5628/smbd
> tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN
> 5628/smbd
> tcp6       0      0 :::445                  :::*                    LISTEN
> 5628/smbd
> tcp6       0      0 :::139                  :::*                    LISTEN
> 5628/smbd
>
>
> there is also no process with dns name, checked via
>   ps aux | grep -i dns
>
> I have no file with path /etc/NetworkManager/NetworkManager.conf which I
> assume no netman installed.
>
> 10.80.8.88 is AD and DNS on the network
>
> D.
>
>
>
>
>
>
>
> --
> View this message in context: http://samba.2283325.n4.nabble.com/Cannot-join-Ubuntu12-04-Samba-4-1-17-to-domain-tp4684555p4686678.html
> Sent from the Samba - General mailing list archive at Nabble.com.

More information about the samba mailing list