Hello, I'm trying to join a win2k3 ADS domain using a working config on a debian 'Lenny' (arm processor) from another machine running gentoo (x86 processor) (only changed the netbios name).
Samba versions are 3.0.26a on both the machines. I'm pretty sure this is not a kerberos or ldap problem, anyone has a clue what else it could be? # net -d 3 ads join -U administrator [2007/11/07 23:31:00, 3] param/loadparm.c:lp_load(5039) lp_load: refreshing parameters [2007/11/07 23:31:00, 3] param/loadparm.c:init_globals(1438) Initialising global parameters [2007/11/07 23:31:00, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" [2007/11/07 23:31:00, 3] param/loadparm.c:do_section(3778) Processing section "[global]" [2007/11/07 23:31:01, 3] param/params.c:pm_process(572) params.c:pm_process() - Processing configuration file "/etc/samba/dhcp.conf" [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=127.0.0.1 bcast=127.255.255.255 nmask=255.0.0.0 [2007/11/07 23:31:01, 2] lib/interface.c:add_interface(81) added interface ip=10.0.0.22 bcast=10.0.0.255 nmask=255.255.255.0 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.0.0.2, thuis.local" [2007/11/07 23:31:02, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.0.0.2, thuis.local" [2007/11/07 23:31:02, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.0.0.2, thuis.local" administrator's password: [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.0.0.2, thuis.local" [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593) ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:05, 3] libsmb/namequery.c:get_dc_list(1489) get_dc_list: preferred server list: "10.0.0.2, thuis.local" [2007/11/07 23:31:05, 3] libads/ldap.c:ads_connect(394) Connected to LDAP server 10.0.0.2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(213) ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libads/sasl.c:ads_sasl_spnego_bind(222) ads_sasl_spnego_bind: got server principal name = [EMAIL PROTECTED] [2007/11/07 23:31:05, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_start_connection(1509) Connecting to host=server2.thuis.local [2007/11/07 23:31:05, 3] lib/util_sock.c:open_socket_out(874) Connecting to 10.0.0.2 at port 445 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(793) Doing spnego session setup (blob length=108) [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 48018 1 2 2 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 113554 1 2 2 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 2 840 113554 1 2 2 3 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(818) got OID=1 3 6 1 4 1 311 2 2 10 [2007/11/07 23:31:05, 3] libsmb/cliconnect.c:cli_session_setup_spnego(826) got [EMAIL PROTECTED] [2007/11/07 23:31:06, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(613) Doing kerberos session setup [2007/11/07 23:31:06, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(528) ads_cleanup_expired_creds: Ticket in ccache[MEMORY:cliconnect] expiration Thu, 08 Nov 2007 09:31:23 CET [2007/11/07 23:31:06, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine server2.thuis.local pipe \lsarpc fnum 0x8001 bind request returned ok. [2007/11/07 23:31:06, 3] rpc_parse/parse_lsa.c:lsa_io_sec_qos(224) lsa_io_sec_qos: length c does not match size 8 [2007/11/07 23:31:06, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2081) rpc_pipe_bind: Remote machine server2.thuis.local pipe \samr fnum 0xa bind request returned ok. [2007/11/07 23:31:06, 1] rpc_client/cli_pipe.c:cli_pipe_validate_current_pdu(625) cli_pipe_validate_current_pdu: RPC fault code DCERPC_FAULT_NDR received from remote machine server2.thuis.local pipe \samr fnum 0xa! [2007/11/07 23:31:06, 1] utils/net_ads.c:net_ads_join(1548) call of net_join_domain failed: NT code 0x000006f7 Failed to join domain: NT code 0x000006f7 [2007/11/07 23:31:06, 2] utils/net.c:main(1036) return code = -1 smb.conf (relevant part only): [global] # log level = 5 enable privileges = Yes username map = /etc/samba/smbusers allow trusted domains = No idmap uid = 20000-30000 idmap gid = 20000-30000 winbind enum users = Yes winbind enum groups = Yes winbind separator = + winbind use default domain = Yes winbind offline logon = Yes winbind refresh tickets = Yes use kerberos keytab = Yes winbind nss info = template template homedir = /home/%U template shell = /bin/bash client use spnego = Yes obey pam restrictions = No password server = thuis.local null passwords = No server signing = Auto client signing = Auto lm announce = No deadtime = 15 encrypt passwords = Yes workgroup = THUIS realm = THUIS.LOCAL netbios name = BACKUP server string = Samba on %L interfaces = lo eth0 bind interfaces only = Yes hosts deny = 0.0.0.0/0 hosts allow = 10.0.0.0/24 127.0.0.1 os level = 20 wins support = No # get wins server address from dhcp include = /etc/samba/dhcp.conf name resolve order = wins lmhosts hosts bcast preferred master = No load printers = No log file = /var/log/samba/log.%m max log size = 0 security = ads socket options = TCP_NODELAY SO_RCVBUF=8192 IPTOS_LOWDELAY SO_RCVBUF=8192 SO_SNDBUF=8192 dns proxy = No time server = No hide dot files = Yes username level = 1 admin users = @%D%w"Domain Admins" guest ok = No public = No valid users = @%D%w"Domain Admins" @%D%w"Domain Power Users" @%D%w"Domain Users" @%D%w"Domain Controllers" @%D%w"Domain Computers" -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba