[Samba] net ads join -- strange message

nathalie ramat nathalie.ramat at univ-littoral.fr
Wed Oct 23 09:51:40 UTC 2019


Hello,

I have an server ad  - everything seems ok
I have a windows client and a linux client . The users must to connect 
on windows or on linux with the same home.

when I join my client linux with the command net ads join -U 
administration I have after the following message

net ads join -U administrator
Enter administrator's password:

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password

Error reading password from file descriptor 0: empty password
Using short domain name -- SAMBADOM
Joined 'CLIENTBLUESEYE' to dns domain 'sambadom.calais.fr'

but my machine is joined to my samba AD.

Why I have this error ?
In my log samba I have :
  load_auth_module: Attempting to find an auth method to match samba4
/usr/sbin/smbd: load_auth_module: auth method samba4 has a valid init
/usr/sbin/smbd: ldb_wrap open of secrets.ldb
/usr/sbin/smbd: Starting GENSEC mechanism spnego
/usr/sbin/smbd: Starting GENSEC submechanism gssapi_krb5


Does it test different authentication methods ?


My smb.conf server is  :

# Global parameters
[global]
     dns forwarder = 193.49.xxx.xxx
     netbios name = BLUEYESTEST
     realm = SAMBADOM.CALAIS.FR
     server role = active directory domain controller
     workgroup =SAMBADOM
     idmap_ldb:use rfc2307 = yes
     log level =5
     log file =/var/log/samba3/log.%M
     max log size = 1000
     host msdfs = no
#    vfs objects = acl_xattr
#    map acl inherit =yes
#    store dos attributes = yes
     load printers = no
     printing = bsd
     printcap name = /dev/null
     disable spoolss = yes

#  for tests only
     winbind enum users =yes
     winbind enum groups =yes
#
     winbind separator = /
     winbind use default domain = yes

[netlogon]
     path = /var/lib/samba/sysvol/sambadom.calais.fr/scripts
     read only = No
     writable = yes

[sysvol]
     path = /var/lib/samba/sysvol
     read only = No
     browsable =yes
[homes]
     path=/home/SAMBADOM/%G/%U
     writable=yes
     read only = no


my smb.conf client linux is

[global]
     security =ADS
     realm = SAMBADOM.CALAIS.FR
     workgroup =SAMBADOM
     netbios name = clientblueseye
     winbind separator = /
     winbind enum users = yes
     winbind enum groups = yes


     idmap config * : backend=tdb
     idmap config * : range=1000-2000

     idmap config SAMBADOM : backend = ad
     idmap config SAMBADOM : schema_mode =rfc2307
     idmap config SAMBADOM : backend = rid
     idmap config SAMBADOM : range = 10000-600000
     idmap config SAMBADOM : unix_nss_info = yes
     idmap config SAMBADOM : unix_primary_group = yes
     template homedir =/etudiants/%U

#    template homedir = /home/%D/%G/%U

     template shell =/bin/bash
     kerberos method =  secrets and keytab
     dedicated keytab file =/etc/krb5.keytab
     winbind refresh tickets =yes
#
#    username map = /etc/samba/samba_usermapping
     winbind use default domain = yes
     log file =/var/log/samba/log.%m
     log level = 3
# for acl support on members servers with shares
#    vfs object = acl_xattr
#    map acl inherit = yes
#    store dos attributes = yes
#    winbind nss info = rfc2307




Thanks for your help

Sincerely

-- 
Nathalie RAMAT-LECLERCQ

Service Informatique

Universite du Littoral-Côte d'Opale
SCoSI - Service Commun du Système d'Information
Pôle Systèmes et réseaux

Centre de Gestion Universitaire de Calais
50 rue ferdinand Buisson
C.S 80699
62228 CALAIS CEDEX







More information about the samba mailing list