Hello, I am trying to join a Samba 3.0.24 server into an ADS domain, which is served by two Windows 2003 servers (let's say srv1.domain.local (192.168.1.1) and srv2.domain.local (192.168.1.4)). I am running Samba on a FreeBSD 6.2 machine and I have established an OpenVPN connection to the ADS network (tunneling). I have this in my resolv.conf:
------------------------------------------------------------------------ search domain.local nameserver 192.168.1.1 nameserver 192.168.1.4 ------------------------------------------------------------------------ I also have this in my /etc/hosts: ------------------------------------------------------------------------ 127.0.0.1 localhost localhost.my.domain 192.168.1.1 srv1.domain.local srv1 192.168.1.4 srv2.domain.local srv2 ------------------------------------------------------------------------ and I have this in my krb5.conf: ------------------------------------------------------------------------ [libdefaults] default_realm = DOMAIN.LOCAL [realms] DOMAIN.LOCAL = { kdc = srv1.domain.local } [domain_realms] .domain.local = DOMAIN.LOCAL ------------------------------------------------------------------------ And these are the relevant parameters in smb.conf: ------------------------------------------------------------------------ security = ADS netbios name = BONAPARTE server string = BONAPARTE Samba server workgroup = INFRAX realm = DOMAIN.LOCAL local master = yes preferred master = yes wins server = 192.168.1.1 192.168.1.4 password server = srv1 ------------------------------------------------------------------------ However, when I try to "kinit", I get this: [EMAIL PROTECTED]:~# kinit [EMAIL PROTECTED] [EMAIL PROTECTED]'s Password: kinit: krb5_get_init_creds: Response too big for UDP, retry with TCP and when I try to "net ads join" into the domain, I get this: [EMAIL PROTECTED]:~# net ads join -U Administrator%password [2007/07/10 08:54:38, 0] libads/kerberos.c:ads_kinit_password(208) kerberos_kinit_password [EMAIL PROTECTED] failed: Response too big for UDP, retry with TCP [2007/07/10 08:54:38, 0] utils/net_ads.c:ads_startup(289) ads_connect: Response too big for UDP, retry with TCP I am really stumped here. I have tried to change the kdc entry in krb5.conf like this: [realms] DOMAIN.LOCAL = { kdc = tcp/srv1.domain.local } but no luck either. FreeBSD 6.2 has Heimdal Kerberos 0.6.3 in it's base system, I guess this is OK. Let me also tell you also this: we firstly had a Windows 2000 server and a Windows 2003 servers as srv1 and srv2, but then we replaced the 2000 with another 2003. This BSD box is a new server as well, previously I had FreeBSD 5.4 (Samba 3.0.22) and I was ABLE to join it into the ADS (via the Win2000 server). There is no computer account in the ADS for the BSD box anymore, so I am trying to create it again (by joining it into the domain). Any ideas? Thanks, Nejc -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba