No, I did not. When logged into XP, it is a different machine name.
Art
[EMAIL PROTECTED] wrote:
Sorry, What I mean is did you already add the computer account to the domain from a windows admin console before you issued the command:
net ads join -U art_fore
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Art Fore Sent: Friday, May 21, 2004 2:06 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Suse 9.1 Samba
What do you mean "domain/OU"? It is on the 3mts domain.
Art
[EMAIL PROTECTED] wrote:
I am having the same exact problem except I am on Fedora Core 1 with Samba
3.0.4. Does the machine already exist in the domain/OU ?
Jack
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Art Fore Sent: Friday, May 21, 2004 1:44 PM To: [EMAIL PROTECTED] Subject: Re: [Samba] Suse 9.1 Samba
I do not have Administrator password, but I use my logon and password in XP to create an account when I change machine name.
Art
Shannon Johnson wrote:
Does the user "art_fore" have permission to create accounts on the Windows server? If not, try the Administrator account and see if that works...
____________________________
Shannon Johnson Network Support Specialist / Systems Administrator Dept. of Mechanical and Nuclear Engineering 224 Reber Building University Park, PA 16802 Phone: (814) 865-8267 ____________________________
-----Original Message----- From: Art Fore [mailto:[EMAIL PROTECTED] Sent: Friday, May 21, 2004 1:13 PM To: [EMAIL PROTECTED] Subject: [Samba] Suse 9.1 Samba
I have been trying for two weeks to get onto a Win2k domain which has
active directory with no success. The Suse YAST samba client will not
do
ADS, only domain, server, or user, so I went to the command line stuff
I
found the the Samba documentation.
I can do kinit and get back the following:
sha-linux:/etc/samba # kinit [EMAIL PROTECTED]
[EMAIL PROTECTED]'s Password:
kinit: NOTICE: ticket renewable lifetime is 1 week
When I do the net ads join, I get: (I use the same name and password
in
WinXP, different computer name and it works)
sha-linux:/etc/samba # net ads join -U art_fore
art_fore's password:
[2004/05/20 20:48:47, 0] libads/ldap.c:ads_add_machine_acct(1006)
Host account for sha-linux already exists - modifying old account
[2004/05/20 20:48:47, 0] libads/ldap.c:ads_join_realm(1342)
ads_add_machine_acct: Insufficient access
ads_join_realm: Insufficient access
If I do the klist Tickets, it does not work, so I do klist -T:
sha-linux:/etc/samba # klist -T
Credentials cache: FILE:/tmp/krb5cc_0
Principal: [EMAIL PROTECTED]
Issued Expires Principal
May 20 21:08:26 May 21 07:08:26 krbtgt/[EMAIL PROTECTED]
Below is the global part of the smb.conf file:
[global]
workgroup = 3MTS
realm = 3MTS.COM
interfaces = 127.0.0.1 eth0
bind interfaces only = true
printing = cups
printcap name = cups
printer admin = @ntadmin, root, administrator
map to guest = Bad User
security = ADS
encrypt passwords = yes
password server = mailman
idmap uid = 10000-20000
idmap gid = 10000-20000
passdb backend = smbpasswd:/etc/samba/smbpasswd
server string = Samba Server
netbios name = sha-linux
add machine script =
domain master = false
domain logons = no
local master = no
preferred master = auto
load printers = no
ldap suffix = dc=com
We use ldap and do not use PAM. Our local win network guru has no idea and is of no help. Does anyone have any ideas what the problem is? Winbind, smb and nmb are running.
Art
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
-- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
