I can do kinit and get back the following:
sha-linux:/etc/samba # kinit [EMAIL PROTECTED]
[EMAIL PROTECTED]'s Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
When I do the net ads join, I get: (I use the same name and password in WinXP, different computer name and it works)
sha-linux:/etc/samba # net ads join -U art_fore
art_fore's password:
[2004/05/20 20:48:47, 0] libads/ldap.c:ads_add_machine_acct(1006)
Host account for sha-linux already exists - modifying old account
[2004/05/20 20:48:47, 0] libads/ldap.c:ads_join_realm(1342)
ads_add_machine_acct: Insufficient access
ads_join_realm: Insufficient access
If I do the klist Tickets, it does not work, so I do klist -T:
sha-linux:/etc/samba # klist -T
Credentials cache: FILE:/tmp/krb5cc_0
Principal: [EMAIL PROTECTED]
Issued Expires Principal
May 20 21:08:26 May 21 07:08:26 krbtgt/[EMAIL PROTECTED]
Below is the global part of the smb.conf file:
[global]
workgroup = 3MTS
realm = 3MTS.COM
interfaces = 127.0.0.1 eth0
bind interfaces only = true
printing = cups
printcap name = cups
printer admin = @ntadmin, root, administrator
map to guest = Bad User
security = ADS
encrypt passwords = yes
password server = mailman
idmap uid = 10000-20000
idmap gid = 10000-20000
passdb backend = smbpasswd:/etc/samba/smbpasswd
server string = Samba Server
netbios name = sha-linux
add machine script =
domain master = false
domain logons = no
local master = no
preferred master = auto
load printers = no
ldap suffix = dc=com
We use ldap and do not use PAM. Our local win network guru has no idea and is of no help. Does anyone have any ideas what the problem is? Winbind, smb and nmb are running.
Art
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
