[Samba] Samba domain join issues
Pradeep Rawat
pradeeprawat85 at gmail.com
Mon Oct 31 17:06:55 UTC 2016
Hi All,
I am having an issue with Samba joining an active directory domain.
When I run 'net ads join -S mydomaincontrollerFQDN -U adminuser command I
get this error:
Failed to join domain: failed to lookup DC info for domain 'MYDOMAIN.COM'
over rpc: Logon failure
The credentials we entered are for sure correct but if we see our domain
controller it count it as a bad password. I see an event logged 4625 with
unknown username or bad password.
Samba version is 3.6.4 and active directory is running on both 2008 R2 and
2012 R2 OS (with DFL/FFL as 2008 R2). I have tried with both versions of
domain controllers without any success.
I have also tried changing LmCompatibilityLevel on domain controllers from
0 till 5 but issue still persist. We initially thought this is because
of MS16-077 patch but we uninstalled it from all our 2008 R2 domain
controllers and 2012 R2 domain didn't have this patch at all.
An example of our smb.conf file is here:
[global]
workgroup = MYDOMAIN
realm = MYDOMAIN.COM
netbios name = samba-server
server string = Samba Server
security = DOMAIN
password server = myDomainControllerName.mydomain.com
client ntlmv2 auth = yes
encrypt passwords = yes
max protocol = smb2
restrict anonymous = 1
log level = 2
username map = /etc/samba/smbusers
log file = /var/samba/log/log.%m
debug pid = Yes
debug uid = Yes
max xmit = 65535
name resolve order = host wins bcast lmhosts
max ttl = 5000
deadtime = 5
hostname lookups = Yes
os level = 20
local master = No
domain master = No
wins server = <ip address of WINS server>
host msdfs = No
idmap config * : range = 10000-200000
idmap config * : backend = tdb
map archive = No
map hidden = No
map system = No
case sensitive = Yes
read only = No
create mask = 0775
directory mask = 0775
hide dot files = No
oplocks = No
level2 oplocks = No
strict locking = Yes
Any help or pointers will be appreciated. Thanks in advance.
Thanks
More information about the samba
mailing list