ADS integration net ads join fails, possibly wrong OU
Patrick Paul
patpaul at MIT.EDU
Thu Apr 4 09:06:02 GMT 2002
I've got the latest cvs code for samba_head.
I compile it, and set all the config's correctly in smb.conf. I've got
--with-krb5-base all set, --with-pam,ldapsam,syslog,acl-support and
debug all on.
My krb5.conf file is fine, and doing a kinit user at EX.DOMAIN.EDU works
find, and klist lists my ADS.
Upon doing a net ads join, I get this error
net: getvalues.c:93: ldap_get_values_len: Assertion `entry !=
((void*)0)' failed.
ADS is the only way to get samba to join the domain, as NT4-legacy
machines aren't allowed, due to our all-kerberos network.
The interesting part is when I run net ads join asdf, I get
ads_join_realm: organization unit asdf does not exist
(dn:ou=asdf,dc=win,dc=mit,dc=edu)
Now, the network is setup so that I can only join the
ou=biomicro,ou=Machines,dc=win,dc=mit,dc=edu dn. I'm able to specify an
ou on the command line, but not a 'sub-ou'. I've tried every syntax
imaginable, but then I get Invalid DN syntax errors all time. Is it
possible to specify a 'sub-out'(ou=,ou=) on the command line? Could
that be why I'm failing? And what exactly does `entry !=.....' mean?
Thanks in advance.
--
Patrick Paul
Systems Administrator
Biology Dept., MIT
patpaul at massachusettsinstituteoftechnology-abbrev-to-send.edu
More information about the samba-technical
mailing list