[Samba] ?==?utf-8?q? Joining a samba ad dc domain from another samba installation
François Legal
devel at thom.fr.eu.org
Tue Apr 26 08:36:52 UTC 2022
Le Lundi, Avril 25, 2022 15:24 CEST, Jonathon Reinhart <jonathon.reinhart at gmail.com> a écrit:
> On Mon, Apr 25, 2022 at 7:13 AM François Legal via samba <
> samba at lists.samba.org> wrote:
>
> >
> > samba-tool domain join [my samba domain] DC -k yes --dns-backend=BIND9_DLZ
> > --option='idmap_ldb:use rfc2307 = yes'
> > INFO 2022-04-25 10:41:04,952 pid:374
> > /usr/lib/python3/dist-packages/samba/join.py #107: Finding a writeable DC
> > for domain '[my samba domain]'
> > INFO 2022-04-25 10:41:04,973 pid:374
> > /usr/lib/python3/dist-packages/samba/join.py #109: Found DC [my-dc].[my
> > samba domain]
> > ERROR(<class 'samba.join.DCJoinException'>): uncaught exception - Can't
> > join, error: 00002020: Operation unavailable without authentication
> >
>
> I see you used "-k yes". Did you confirm that you have a valid Kerberos TGT
> for a Domain Admin account? (Run "kinit" to get a ticket and "klist" to
> check.)
Yes. I’ve kinit administrator@[my realm], the ticket shows out in klist afterwards.
But either using -U administrator (for which no password is requested), either --krb5-ccache=/tmp/krb5cc_0 produce the same result
François
More information about the samba
mailing list