-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Roland Hebertinger wrote: > Marc-Andre Vallee <Marc-Andre.Vallee <at> complys.com> writes: > >> Hi, >> >> SLES10 SP2 x86_64 + Samba from repo (samba-3.2.4-8.1) >> When I try to join (net ads join -U Administrator), I get : >> Failed to join domain: failed to set machine spn: Can't contact LDAP server > > Any news on this one? I have the same problem with a slightly different setup. > I'm using a Samba 3.2.4 running on SLES 10 SP2 and try to join an AD running > on > a Windows 2008. > > Here's my output: > > # net ads join -U Administrator -d 3 > [2008/11/03 19:35:42, 3] param/loadparm.c:lp_load_ex(8754) > lp_load_ex: refreshing parameters > [2008/11/03 19:35:42, 3] param/loadparm.c:init_globals(4597) > Initialising global parameters > [2008/11/03 19:35:42, 3] param/params.c:pm_process(569) > params.c:pm_process() - Processing configuration file "/etc/samba/smb.conf" > [2008/11/03 19:35:42, 3] param/loadparm.c:do_section(7417) > Processing section "[global]" > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth0 ip=fe80::214:5eff:fed8:9816%eth0 > bcast=fe80::ffff:ffff:ffff:ffff%eth0 netmask=ffff:ffff:ffff:ffff:: > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth1 ip=fe80::214:5eff:fed8:9818%eth1 > bcast=fe80::ffff:ffff:ffff:ffff%eth1 netmask=ffff:ffff:ffff:ffff:: > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth0 ip=192.168.1.28 bcast=192.168.1.255 > netmask=255.255.255.0 > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth0 ip=192.168.1.144 bcast=192.168.1.255 > netmask=255.255.255.0 > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth0 ip=192.168.1.145 bcast=192.168.1.255 > netmask=255.255.255.0 > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth0 ip=192.168.1.195 bcast=192.168.1.255 > netmask=255.255.255.0 > [2008/11/03 19:35:42, 2] lib/interface.c:add_interface(337) > added interface eth1 ip=10.168.1.195 bcast=10.168.1.255 > netmask=255.255.255.0 > Enter Administrator's password: > [2008/11/03 19:35:46, 1] libnet/libnet_join.c:libnet_Join(1770) > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > in: struct libnet_JoinCtx > dc_name : NULL > machine_name : 'SR-HOME-1' > domain_name : * > domain_name : 'VERLAG.VN.IDOWA.DE' > account_ou : NULL > admin_account : 'Administrator' > admin_password : * > machine_password : NULL > join_flags : 0x00000023 (35) > 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME > 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT > 0: WKSSVC_JOIN_FLAGS_DEFER_SPN > 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED > 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE > 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED > 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE > 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE > 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE > 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE > os_version : NULL > os_name : NULL > create_upn : 0x00 (0) > upn : NULL > modify_config : 0x00 (0) > ads : NULL > debug : 0x01 (1) > secure_channel_type : SEC_CHAN_WKSTA (2) > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_start_connection(1632) > Connecting to host=sr-dc-1.verlag.vn.idowa.de > [2008/11/03 19:35:46, 3] libsmb/namequery.c:resolve_lmhosts(1162) > resolve_lmhosts: Attempting lmhosts lookup for name > sr-dc-1.verlag.vn.idowa.de<0x20> > [2008/11/03 19:35:46, 3] libsmb/namequery.c:resolve_wins(1026) > resolve_wins: Attempting wins lookup for name > sr-dc-1.verlag.vn.idowa.de<0x20> > [2008/11/03 19:35:46, 3] libsmb/namequery.c:resolve_wins(1030) > resolve_wins: WINS server resolution selected and no WINS servers listed. > [2008/11/03 19:35:46, 3] libsmb/namequery.c:resolve_hosts(1244) > resolve_hosts: Attempting host lookup for name > sr-dc-1.verlag.vn.idowa.de<0x20> > [2008/11/03 19:35:46, 3] lib/util_sock.c:open_socket_out(1331) > Connecting to 192.168.1.82 at port 445 > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(804) > Doing spnego session setup (blob length=124) > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) > got OID=1 2 840 48018 1 2 2 > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) > got OID=1 2 840 113554 1 2 2 > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) > got OID=1 2 840 113554 1 2 2 3 > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(831) > got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/03 19:35:46, 3] libsmb/cliconnect.c:cli_session_setup_spnego(839) > got [EMAIL PROTECTED] > [2008/11/03 19:35:46, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1025) > Got challenge flags: > [2008/11/03 19:35:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > Got NTLMSSP neg_flags=0x62898215 > [2008/11/03 19:35:46, 3] libsmb/ntlmssp.c:ntlmssp_client_challenge(1047) > NTLMSSP: Set final flags: > [2008/11/03 19:35:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > Got NTLMSSP neg_flags=0x60088215 > [2008/11/03 19:35:46, 3] libsmb/ntlmssp_sign.c:ntlmssp_sign_init(337) > NTLMSSP Sign/Seal - Initialising with flags: > [2008/11/03 19:35:46, 3] libsmb/ntlmssp.c:debug_ntlmssp_flags(62) > Got NTLMSSP neg_flags=0x60088215 > [2008/11/03 19:35:46, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2086) > rpc_pipe_bind: Remote machine sr-dc-1.verlag.vn.idowa.de pipe \lsarpc fnum > 0x4000 bind request returned ok. > [2008/11/03 19:35:46, 3] rpc_client/cli_pipe.c:rpc_pipe_bind(2086) > rpc_pipe_bind: Remote machine sr-dc-1.verlag.vn.idowa.de pipe \samr fnum > 0x4001 bind request returned ok. > [2008/11/03 19:35:46, 3] libads/ldap.c:ads_connect(430) > Successfully contacted LDAP server 192.168.1.82 > [2008/11/03 19:35:46, 3] libads/ldap.c:ads_connect(480) > Connected to LDAP server sr-dc-1.verlag.vn.idowa.de > [2008/11/03 19:35:46, 3] libads/sasl.c:ads_sasl_spnego_bind(780) > ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2 > [2008/11/03 19:35:46, 3] libads/sasl.c:ads_sasl_spnego_bind(780) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 > [2008/11/03 19:35:46, 3] libads/sasl.c:ads_sasl_spnego_bind(780) > ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3 > [2008/11/03 19:35:46, 3] libads/sasl.c:ads_sasl_spnego_bind(780) > ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10 > [2008/11/03 19:35:46, 3] libads/sasl.c:ads_sasl_spnego_bind(789) > ads_sasl_spnego_bind: got server principal name = > [EMAIL PROTECTED] > [2008/11/03 19:35:46, 3] libsmb/clikrb5.c:ads_krb5_mk_req(671) > ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found) > [2008/11/03 19:35:46, 3] libsmb/clikrb5.c:ads_cleanup_expired_creds(604) > ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration Tue, > 04 > Nov 2008 05:35:33 CET > [2008/11/03 19:35:46, 3] libsmb/clikrb5.c:ads_krb5_mk_req(713) > ads_krb5_mk_req: server marked as OK to delegate to, building forwardable > TGT > [2008/11/03 19:35:46, 1] libnet/libnet_join.c:libnet_Join(1801) > libnet_Join: > libnet_JoinCtx: struct libnet_JoinCtx > out: struct libnet_JoinCtx > account_name : NULL > netbios_domain_name : 'VERLAG' > dns_domain_name : 'verlag.vn.idowa.de' > dn : NULL > domain_sid : * > domain_sid : > S-1-5-21-1576172290-2542936531-3051237126 > modified_config : 0x00 (0) > error_string : 'failed to set machine spn: Can't > contact LDAP server' > domain_is_ad : 0x01 (1) > result : WERR_GENERAL_FAILURE > Failed to join domain: failed to set machine spn: Can't contact LDAP server > [2008/11/03 19:35:46, 2] utils/net.c:main(1172) > return code = -1
Can you please open a bug on this and upload a log level 10 "net ads join" output file ? Thanks, Guenther - -- Günther Deschner GPG-ID: 8EE11688 Red Hat [EMAIL PROTECTED] Samba Team [EMAIL PROTECTED] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iEYEARECAAYFAkkPnpcACgkQSOk3aI7hFogGSwCfa6UAai49lB43Xy1R3/IAD0sw 8m8Ani3AWKs1WiZTrob4TGrKmakIK//7 =DkE6 -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba