Ignored netbios-name, but 'netbios name' was accepted, but still, same error...
On 10/28/10 2:03 PM, "schilling" <schilling2...@gmail.com> wrote: >add netbios-name = MAT-DESKTOP > >That's what we have here. > >On Thu, Oct 28, 2010 at 3:49 PM, Rowley, Mathew ><mathew_row...@cable.comcast.com> wrote: >> It would make sense that was the issue due to: >> >> server string = %h server (Samba, Ubuntu) >> >> but still getting the same error: >> >> $ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator >> Enter Administrator's password: >> [2010/10/28 13:40:07.929859, 0] >> utils/net_rpc_join.c:406(net_rpc_join_newstyle) >> Error in domain join verification (credential setup failed): >> NT_STATUS_INVALID_COMPUTER_NAME >> >> Unable to join domain SECLAB. >> >> >> $ grep 'server name' /etc/samba/smb.conf >> $ grep 'server string' /etc/samba/smb.conf >> server string = MAT-DESKTOP >> # server string is the equivalent of the NT Description field >> # server string = %h server (Samba, Ubuntu) >> >> >> >> >> >> >> On 10/28/10 1:31 PM, "schilling" <schilling2...@gmail.com> wrote: >> >>>put server string = MAT-DESKTOP >>> >>>On Thu, Oct 28, 2010 at 3:24 PM, Rowley, Mathew >>><mathew_row...@cable.comcast.com> wrote: >>>> $ hostname >>>> mat-desktop.security.lab.net >>>> >>>> >>>> Short name is just mat-desktop >>>> >>>> >>>> >>>> Mathew Rowley >>>> IIS Network Security Architecture >>>> >>>> >>>> >>>> >>>> >>>> On 10/28/10 12:41 PM, "Sallee, Stephen (Jake)" <jake.sal...@umhb.edu> >>>> wrote: >>>> >>>>>I have to ask ... but what is your server's name? The error is saying >>>>>that the name is incompatible with AD, do you have and special >>>>>characters, any spaces, or any other weirdness in you server's name? >>>>> >>>>>Jake Sallee >>>>>Godfather Of Bandwidth >>>>>Network Engineer >>>>> >>>>>Fone: 254-295-4658 >>>>>Phax: 254-295-4221 >>>>> >>>>> >>>>>-----Original Message----- >>>>>From: >>>>>freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius.org >>>>>[mailto:freeradius-users-bounces+jake.sallee=umhb....@lists.freeradius >>>>>.o >>>>>rg] On Behalf Of Rowley, Mathew >>>>>Sent: Thursday, October 28, 2010 1:33 PM >>>>>To: freeradius-users@lists.freeradius.org >>>>>Subject: Problems getting a linux server to join a AD domain >>>>> >>>>>In an attempt to integrate Radius with AD, and following the tutorial >>>>>(http://wiki.freeradius.org/FreeRADIUS_Active_Directory_Integration_HO >>>>>WT >>>>>O) I have set up an AD server in our lab, and having trouble adding my >>>>>linux box to the domain. Can anyone see what im doing wrong? The >>>>>error I >>>>>keep getting is: >>>>> >>>>>$ sudo net join -w SECLAB -I 10.252.159.137 -U Administrator [sudo] >>>>>password for wuntee: >>>>>Enter Administrator's password: >>>>>[2010/10/28 12:23:36.656829, 0] >>>>>utils/net_rpc_join.c:406(net_rpc_join_newstyle) >>>>> Error in domain join verification (credential setup failed): >>>>>NT_STATUS_INVALID_COMPUTER_NAME >>>>> >>>>>Unable to join domain SECLAB. >>>>> >>>>> >>>>>Kerberos seems to work fine: >>>>> >>>>>$ kinit mrowle000 >>>>>Password for mrowle...@seclab.security.lab.net: >>>>>$ klist >>>>>Ticket cache: FILE:/tmp/krb5cc_1000 >>>>>Default principal: mrowle...@seclab.security.lab.net >>>>> >>>>>Valid starting Expires Service principal >>>>>10/28/10 12:27:29 10/28/10 22:27:23 >>>>>krbtgt/seclab.security.lab....@seclab.security.lab.net >>>>>renew until 10/29/10 12:27:29 >>>>> >>>>> >>>>>CONFIGS: >>>>> >>>>>krb5.conf >>>>>[logging] >>>>> default = FILE:/var/log/krb5libs.log >>>>> kdc = FILE:/var/log/krb5kdc.log >>>>> kdc = SYSLOG:INFO:AUTH >>>>> admin_server = FILE:/var/log/kadmind.log admin_server = >>>>>SYSLOG:INFO:AUTH >>>>> >>>>>[libdefaults] >>>>> default_realm = SECLAB.SECURITY.LAB.NET dns_lookup_realm = false >>>>>dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes >>>>> >>>>>[appdefaults] >>>>> pam = { >>>>> debug = false >>>>> ticket_lifetime = 36000 >>>>> renew_lifetime = 36000 >>>>> forwardable = true >>>>> krb4_convert = false >>>>> } >>>>> >>>>>[realms] >>>>>SECLAB.SECURITY.LAB.NET = { >>>>> kdc = seclab.security.lab.net:88 >>>>> default_domain = seclab.secuitry.lab.net } >>>>> >>>>>[domain_realm] >>>>>.seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>>>>seclab.security.lab.net = SECLAB.SECURITY.LAB.NET >>>>> >>>>> >>>>>Samba.conf >>>>>[global] >>>>> workgroup = SECLAB.SECURITY.LAB.NET >>>>> server string = %h server (Samba, Ubuntu) >>>>> dns proxy = no >>>>> log file = /var/log/samba/log.%m >>>>> max log size = 1000 >>>>> syslog = 0 >>>>> panic action = /usr/share/samba/panic-action %d >>>>> security = ads >>>>> encrypt passwords = true >>>>> passdb backend = tdbsam >>>>> obey pam restrictions = yes >>>>> unix password sync = yes >>>>> passwd program = /usr/bin/passwd %u >>>>> passwd chat = *Enter\snew\s*\spassword:* %n\n >>>>>*Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* . >>>>> pam password change = yes >>>>> map to guest = bad user >>>>> idmap uid = 16777216-33554431 >>>>> idmap gid = 16777216-33554431 >>>>> template shell = /bin/bash >>>>> winbind use default domain = no >>>>> password server = seclab.security.lab.net //your AD-server >>>>> realm = SECLAB.SECURITY.LAB.NET //your real >>>>> usershare allow guests = yes >>>>> >>>>>[homes] >>>>> comment = Home Directories >>>>> browseable = no >>>>> writable = yes >>>>> >>>>>[printers] >>>>> comment = All Printers >>>>> browseable = no >>>>> path = /var/spool/samba >>>>> printable = yes >>>>> guest ok = no >>>>> read only = yes >>>>> create mask = 0700 >>>>> >>>>>[print$] >>>>> comment = Printer Drivers >>>>> path = /var/lib/samba/printers >>>>> browseable = yes >>>>> read only = yes >>>>> guest ok = no >>>>> >>>>> >>>>>- >>>>>List info/subscribe/unsubscribe? See >>>>>http://www.freeradius.org/list/users.html >>>>> >>>>>- >>>>>List info/subscribe/unsubscribe? See >>>>>http://www.freeradius.org/list/users.html >>>> >>>> >>>> - >>>> List info/subscribe/unsubscribe? See >>>>http://www.freeradius.org/list/users.html >>>> >>> >>>- >>>List info/subscribe/unsubscribe? See >>>http://www.freeradius.org/list/users.html >> >> - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html