Hello, I have an OpenIndiana server that I am attempting to join to a Samba 4 Active Directory domain. I have configured NTP and DNS on OpenIndiana to point at the domain controllers and have confirmed that timezone and date/time are in sync with the domain. I then attempted to join the domain: # smbadm join -u Administrator EXAMPLE.COM After joining EXAMPLE.COM the smb service will be restarted automatically. Would you like to continue? [no]: yes Enter domain password: Joining EXAMPLE.COM ... this may take a minute ... failed to join EXAMPLE.COM: UNSUCCESSFUL Please refer to the system log for more information
/var/adm/messages reveals more detail: smbd[1649]: [ID 834967 daemon.notice] [smb_ads_join] updating dc=example,dc=com(7) ou from dc=com to cn=Computers,dc=example,dc=com smbd[1649]: [ID 428747 daemon.notice] [smb_ads_join] dn: dc=example,cn=Computers,dc=example,dc=com, config_ou: cn=Computers,dc=example,dc=com, old_dn: dc=example,dc=com smbd[1649]: [ID 104551 daemon.notice] [smb_ads_get_default_comp_container_dn], comp_container: cn=Computers,dc=example,dc=com smbd[1649]: [ID 702911 daemon.error] smbns_ksetpwd: KPASSWD protocol exchange failed (Message stream modified) smbd[1649]: [ID 702911 daemon.notice] Failed to set machine password. smbd[1649]: [ID 871254 daemon.error] smbd: failed joining EXAMPLE.COM (UNSUCCESSFUL) On the domain controller, I see a similar error: [2017/08/18 12:39:29, 1] [2017/08/18 12:39:29, 1] ../source4/auth/gensec/gensec_krb5.c:823(gensec_krb5_unwrap) krb5_rd_priv failed: Message out of order [2017/08/18 12:39:29, 3] ../source4/kdc/kpasswdd.c:45(kpasswdd_make_error_reply) kpasswdd: gensec_unwrap failed: NT_STATUS_ACCESS_DENIED I believe the OpenIndiana machine is not sending back the proper sequence number in the KPASSWD changepw request. How can I successfully join this machine to the domain? Thanks, Andrew _______________________________________________ openindiana-discuss mailing list openindiana-discuss@openindiana.org https://openindiana.org/mailman/listinfo/openindiana-discuss
