[Samba] Domain join not happening on Debian/Ubuntu machines
Rowland Penny
rpenny at samba.org
Thu Apr 28 17:19:40 UTC 2022
On Thu, 2022-04-28 at 17:52 +0100, Sac Isilia via samba wrote:
> Hi Team,
>
> I have done all the settings as mentioned but still the domain join
> via
> winbind fails.
>
> root at cngzh1dnl01:~# net ads join -U media\\svc_domjoin02
You posted this:
workgroup = AP-MEDIA
So why are you using the user 'media\\svc_domjoin02' to join to the
'AP-MEDIA' domain ? the user 'media\\svc_domjoin02' appears to be fromanother domain.
> Enter media\svc_domjoin02's password:
> kerberos_kinit_password svc_domjoin02 at AP.MEDIA.GLOBAL.LOC failed:
> Client
> not found in Kerberos database
> Failed to join domain: failed to connect to AD: Client not found in
> Kerberos database
This is probably because the user is unknown to the domain.
>
> Also as quoted above - "If you are going to use multiple domains, you
> will
> need to use
> 'trusts'." - How to do the same ?
Try reading these:
https://wiki.samba.org/index.php/Active_Directory_Trusts
https://wiki.samba.org/index.php/Samba4/Linking_AD_and_unix_directories
However, there isn't really much on the Samba wiki and I don't use
trusts (I once set up a POC forest, but this was way back at Samba
4.9.x). Is there anyone using trusts that could help here ?
Rowland
More information about the samba
mailing list