It would make sense that was the issue due to: server string = %h server (Samba, Ubuntu)
but still getting the same error: $ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator Enter Administrator's password: [2010/10/28 13:40:07.929859, 0] utils/net_rpc_join.c:406(net_rpc_join_newstyle) Error in domain join verification (credential setup failed): NT_STATUS_INVALID_COMPUTER_NAME Unable to join domain SECLAB. $ grep 'server name' /etc/samba/smb.conf $ grep 'server string' /etc/samba/smb.conf server string = MAT-DESKTOP # server string is the equivalent of the NT Description field # server string = %h server (Samba, Ubuntu) On 10/28/10 1:31 PM, "schilling" <schilling2...@gmail.com> wrote: >put server string = MAT-DESKTOP > >On Thu, Oct 28, 2010 at 3:24 PM, Rowley, Mathew ><mathew_row...@cable.comcast.com> wrote: >> $ hostname >> mat-desktop.security.lab.net >> >> >> Short name is just mat-desktop >> >> >> >> Mathew Rowley >> IIS Network Security Architecture >> >> >> >> >> >> On 10/28/10 12:41 PM, "Sallee, Stephen (Jake)" <jake.sal...@umhb.edu> >> wrote: >> >>>I have to ask ... but what is your server's name? The error is saying >>>that the name is incompatible with AD, do you have and special >>>characters, any spaces, or any other weirdness in you server's name? >>> >>>Jake Sallee >>>Godfather Of Bandwidth >>>Network Engineer >>> >>>Fone: 254-295-4658 >>>Phax: 254-295-4221 >>> >>> >>>-----Original Message----- >>>From: freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org >>>[mailto:freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.o >>>rg] On Behalf Of Rowley, Mathew >>>Sent: Thursday, October 28, 2010 1:33 PM >>>To: freeradius-users@lists.freeradius.org >>>Subject: Problems getting a linux server to join a AD domain >>> >>>In an attempt to integrate Radius with AD, and following the tutorial >>>(http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWT >>>O) I have set up an AD server in our lab, and having trouble adding my >>>linux box to the domain. Can anyone see what im doing wrong? The error I >>>keep getting is: >>> >>>$ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator [sudo] >>>password for wuntee: >>>Enter Administrator's password: >>>[2010/10/28 12:23:36.656829, 0] >>>utils/net_rpc_join.c:406(net_rpc_join_newstyle) >>> Error in domain join verification (credential setup failed): >>>NT_STATUS_INVALID_COMPUTER_NAME >>> >>>Unable to join domain SECLAB. >>> >>> >>>Kerberos seems to work fine: >>> >>>$ kinit mrowle000 >>>Password for mrowle...@seclab.security.lab.net: >>>$ klist >>>Ticket cache: FILE:/tmp/krb5cc_1000 >>>Default principal: mrowle...@seclab.security.lab.net >>> >>>Valid starting Expires Service principal >>>10/28/10 12:27:29 10/28/10 22:27:23 >>>krbtgt/seclab.security.lab....@seclab.security.lab.net >>>renew until 10/29/10 12:27:29 >>> >>> >>>CONFIGS: >>> >>>krb5.conf >>>[logging] >>> default = FILE:/var/log/krb5libs.log >>> kdc = FILE:/var/log/krb5kdc.log >>> kdc = SYSLOG:INFO:AUTH >>> admin_server = FILE:/var/log/kadmind.log admin_server = >>>SYSLOG:INFO:AUTH >>> >>>[libdefaults] >>> default_realm = SECLAB.SECURITY.LAB.NET dns_lookup_realm = false >>>dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes >>> >>>[appdefaults] >>> pam = { >>> debug = false >>> ticket_lifetime = 36000 >>> renew_lifetime = 36000 >>> forwardable = true >>> krb4_convert = false >>> } >>> >>>[realms] >>>SECLAB.SECURITY.LAB.NET = { >>> kdc = seclab.security.lab.net:88 >>> default_domain = seclab.secuitry.lab.net } >>> >>>[domain_realm] >>>.seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>>seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>> >>> >>>Samba.conf >>>[global] >>> workgroup = SECLAB.SECURITY.LAB.NET >>> server string = %h server (Samba, Ubuntu) >>> dns proxy = no >>> log file = /var/log/samba/log.%m >>> max log size = 1000 >>> syslog = 0 >>> panic action = /usr/share/samba/panic-action %d >>> security = ads >>> encrypt passwords = true >>> passdb backend = tdbsam >>> obey pam restrictions = yes >>> unix password sync = yes >>> passwd program = /usr/bin/passwd %u >>> passwd chat = *Enter\snew\s*\spassword:* %n\n >>>*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . >>> pam password change = yes >>> map to guest = bad user >>> idmap uid = 16777216-33554431 >>> idmap gid = 16777216-33554431 >>> template shell = /bin/bash >>> winbind use default domain = no >>> password server = seclab.security.lab.net //your AD-server >>> realm = SECLAB.SECURITY.LAB.NET //your real >>> usershare allow guests = yes >>> >>>[homes] >>> comment = Home Directories >>> browseable = no >>> writable = yes >>> >>>[printers] >>> comment = All Printers >>> browseable = no >>> path = /var/spool/samba >>> printable = yes >>> guest ok = no >>> read only = yes >>> create mask = 0700 >>> >>>[print$] >>> comment = Printer Drivers >>> path = /var/lib/samba/printers >>> browseable = yes >>> read only = yes >>> guest ok = no >>> >>> >>>- >>>List info/subscribe/unsubscribe? See >>>http://www.freeradius.org/list/users.html >>> >>>- >>>List info/subscribe/unsubscribe? See >>>http://www.freeradius.org/list/users.html >> >> >> - >> List info/subscribe/unsubscribe? See >>http://www.freeradius.org/list/users.html >> > >- >List info/subscribe/unsubscribe? See >http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html