add netbios-name = MAT-DESKTOP That's what we have here.
On Thu, Oct 28, 2010 at 3:49 PM, Rowley, Mathew <mathew_row...@cable.comcast.com> wrote: > It would make sense that was the issue due to: > > server string = %h server (Samba, Ubuntu) > > but still getting the same error: > > $ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator > Enter Administrator's password: > [2010/10/28 13:40:07.929859, 0] > utils/net_rpc_join.c:406(net_rpc_join_newstyle) > Error in domain join verification (credential setup failed): > NT_STATUS_INVALID_COMPUTER_NAME > > Unable to join domain SECLAB. > > > $ grep 'server name' /etc/samba/smb.conf > $ grep 'server string' /etc/samba/smb.conf > server string = MAT-DESKTOP > # server string is the equivalent of the NT Description field > # server string = %h server (Samba, Ubuntu) > > > > > > > On 10/28/10 1:31 PM, "schilling" <schilling2...@gmail.com> wrote: > >>put server string = MAT-DESKTOP >> >>On Thu, Oct 28, 2010 at 3:24 PM, Rowley, Mathew >><mathew_row...@cable.comcast.com> wrote: >>> $ hostname >>> mat-desktop.security.lab.net >>> >>> >>> Short name is just mat-desktop >>> >>> >>> >>> Mathew Rowley >>> IIS Network Security Architecture >>> >>> >>> >>> >>> >>> On 10/28/10 12:41 PM, "Sallee, Stephen (Jake)" <jake.sal...@umhb.edu> >>> wrote: >>> >>>>I have to ask ... but what is your server's name? The error is saying >>>>that the name is incompatible with AD, do you have and special >>>>characters, any spaces, or any other weirdness in you server's name? >>>> >>>>Jake Sallee >>>>Godfather Of Bandwidth >>>>Network Engineer >>>> >>>>Fone: 254-295-4658 >>>>Phax: 254-295-4221 >>>> >>>> >>>>-----Original Message----- >>>>From: freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org >>>>[mailto:freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.o >>>>rg] On Behalf Of Rowley, Mathew >>>>Sent: Thursday, October 28, 2010 1:33 PM >>>>To: freeradius-users@lists.freeradius.org >>>>Subject: Problems getting a linux server to join a AD domain >>>> >>>>In an attempt to integrate Radius with AD, and following the tutorial >>>>(http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HOWT >>>>O) I have set up an AD server in our lab, and having trouble adding my >>>>linux box to the domain. Can anyone see what im doing wrong? The error I >>>>keep getting is: >>>> >>>>$ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator [sudo] >>>>password for wuntee: >>>>Enter Administrator's password: >>>>[2010/10/28 12:23:36.656829, 0] >>>>utils/net_rpc_join.c:406(net_rpc_join_newstyle) >>>> Error in domain join verification (credential setup failed): >>>>NT_STATUS_INVALID_COMPUTER_NAME >>>> >>>>Unable to join domain SECLAB. >>>> >>>> >>>>Kerberos seems to work fine: >>>> >>>>$ kinit mrowle000 >>>>Password for mrowle...@seclab.security.lab.net: >>>>$ klist >>>>Ticket cache: FILE:/tmp/krb5cc_1000 >>>>Default principal: mrowle...@seclab.security.lab.net >>>> >>>>Valid starting Expires Service principal >>>>10/28/10 12:27:29 10/28/10 22:27:23 >>>>krbtgt/seclab.security.lab....@seclab.security.lab.net >>>>renew until 10/29/10 12:27:29 >>>> >>>> >>>>CONFIGS: >>>> >>>>krb5.conf >>>>[logging] >>>> default = FILE:/var/log/krb5libs.log >>>> kdc = FILE:/var/log/krb5kdc.log >>>> kdc = SYSLOG:INFO:AUTH >>>> admin_server = FILE:/var/log/kadmind.log admin_server = >>>>SYSLOG:INFO:AUTH >>>> >>>>[libdefaults] >>>> default_realm = SECLAB.SECURITY.LAB.NET dns_lookup_realm = false >>>>dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes >>>> >>>>[appdefaults] >>>> pam = { >>>> debug = false >>>> ticket_lifetime = 36000 >>>> renew_lifetime = 36000 >>>> forwardable = true >>>> krb4_convert = false >>>> } >>>> >>>>[realms] >>>>SECLAB.SECURITY.LAB.NET = { >>>> kdc = seclab.security.lab.net:88 >>>> default_domain = seclab.secuitry.lab.net } >>>> >>>>[domain_realm] >>>>.seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>>>seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>>> >>>> >>>>Samba.conf >>>>[global] >>>> workgroup = SECLAB.SECURITY.LAB.NET >>>> server string = %h server (Samba, Ubuntu) >>>> dns proxy = no >>>> log file = /var/log/samba/log.%m >>>> max log size = 1000 >>>> syslog = 0 >>>> panic action = /usr/share/samba/panic-action %d >>>> security = ads >>>> encrypt passwords = true >>>> passdb backend = tdbsam >>>> obey pam restrictions = yes >>>> unix password sync = yes >>>> passwd program = /usr/bin/passwd %u >>>> passwd chat = *Enter\snew\s*\spassword:* %n\n >>>>*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . >>>> pam password change = yes >>>> map to guest = bad user >>>> idmap uid = 16777216-33554431 >>>> idmap gid = 16777216-33554431 >>>> template shell = /bin/bash >>>> winbind use default domain = no >>>> password server = seclab.security.lab.net //your AD-server >>>> realm = SECLAB.SECURITY.LAB.NET //your real >>>> usershare allow guests = yes >>>> >>>>[homes] >>>> comment = Home Directories >>>> browseable = no >>>> writable = yes >>>> >>>>[printers] >>>> comment = All Printers >>>> browseable = no >>>> path = /var/spool/samba >>>> printable = yes >>>> guest ok = no >>>> read only = yes >>>> create mask = 0700 >>>> >>>>[print$] >>>> comment = Printer Drivers >>>> path = /var/lib/samba/printers >>>> browseable = yes >>>> read only = yes >>>> guest ok = no >>>> >>>> >>>>- >>>>List info/subscribe/unsubscribe? See >>>>http://www.freeradius.org/list/users.html >>>> >>>>- >>>>List info/subscribe/unsubscribe? See >>>>http://www.freeradius.org/list/users.html >>> >>> >>> - >>> List info/subscribe/unsubscribe? See >>>http://www.freeradius.org/list/users.html >>> >> >>- >>List info/subscribe/unsubscribe? See >>http://www.freeradius.org/list/users.html > > - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html