Brijesh Shukla wrote:
Hi Samba List;
Kindly help me, I am stuck with this problem since long time.
I am trying to join windows 2003 Active Directory using Linux client.
I am able to join Windows 2003 Active directory using administrator
account
(I mean if i am giving the command like
net ads join -U administrator then it work perfectly )
Perfectly normal default operation.
on the other hand if
i try to with normal user account let say "bshukla" then I am always
getting
this problem..."ads_join_realm: Insufficient access"..
User "bshukla" does not have rights to add machines to the domain.
Again, perfectly normal default operation.
On the same time I am able to access Windows 2003 Active directory with
bshukla account using windows-xp based PC..
I am astonish kerberos is working fine because I am able to get ticket on
bshukla user account but "net ads join -U bshukla" is not giving desired
result..
What are you trying to achieve? You are already able to add your Linux
box to the domain and only need to do it once. By default, non-admin
users cannot join machines to the domain. If you want user "bshukla" to
be able to do that, the right will have to be granted in Windows AD.
I am attaching the log of my work...
Kindly suggest me what i have to do..
******************LOG FILE*************************************
[EMAIL PROTECTED] ~]# kinit [EMAIL PROTECTED]
Password for [EMAIL PROTECTED]:
[EMAIL PROTECTED] ~]# net ads join -U bshukla
[2007/02/09 20:21:36, 0] libads/ldap.c:ads_add_machine_acct(1405)
ads_add_machine_acct: Host account for localhost already exists -
modifying old account
[2007/02/09 20:21:36, 0] libads/ldap.c:ads_join_realm(1763)
ads_join_realm: ads_add_machine_acct failed (localhost): Insufficient
access
ads_join_realm: Insufficient access
***********************End of Log****************************
Thanks in advance
Brijesh Shukla
--
-Toby
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
