On Sat, 2002-11-09 at 09:28, Martin Hofmann wrote: > I am trying to set up a samba machine to be a member of an ads domain. > I am following the instructions in the latest samba docs (ch. 8) and > have got as far as creating the computer account. I did a "kinit" as a > user that has administrative rights (I am not sure exactly what rights > the user has, I am not the ads administrator) and then tried to do a > "net ads join" as root and I get the following errors: > > [2002/11/08 14:14:31, 0] libads/kerberos.c:ads_kinit_password(122) > kerberos_kinit_password [EMAIL PROTECTED] failed: Client not > found in Kerberos database > root password: > [2002/11/08 14:14:34, 0] libads/kerberos.c:ads_kinit_password(122) > kerberos_kinit_password [EMAIL PROTECTED] failed: Client not > found in Kerberos database > [2002/11/08 14:14:34, 1] utils/net_ads.c:ads_startup(148) > ads_connect: Invalid credentials > > It seems to need a root password for MYDOMAIN, there is no user named > root on the ads server. Do I need to create a root user on the ads > server? Or could the problem be with the rights of the user that got > the Kerberos ticket? Or is it a completely different problem? Any > advice appreciated.
While you have to run 'net' as root locally (so it can write to the local files it needs) you must specify the correct remote user. That user must have privileges for joining a machine to the domain. Depending on what version of Samba 3.0 you are running, it may or may not default to the local user, or the 'admistrator'. Either way, just run 'net join -Uadministrator' and type in the password. Andrew Bartlett -- Andrew Bartlett [EMAIL PROTECTED] Manager, Authentication Subsystems, Samba Team [EMAIL PROTECTED] Student Network Administrator, Hawker College [EMAIL PROTECTED] http://samba.org http://build.samba.org http://hawkerc.net
signature.asc
Description: This is a digitally signed message part
