from:"Tam McLaughlin"

Re: [Samba] Join AD: no logon server

2008-10-29 Thread Tam McLaughlin

Thanks.
I have sorted out my problem.
It was a case of RTFM.
The windows server was running in mixed mode which meant that I had to
remove the realm paramater and use security = domain and finally join the
domain with: net rpc join.

Tam.

On Thu, Oct 23, 2008 at 2:26 PM, Ray Van Dolson <[EMAIL PROTECTED]> wrote:

> On Thu, Oct 23, 2008 at 01:03:56AM -0700, Tam McLaughlin wrote:
> > Hello,
> >
> > I am trying to join my server to a Win2k AD domain.
> > I have configured kerberos and can get a ticket but when I try to join
> the
> > AD I get the error "Failed to join domain: No logon servers" as detailed
> > below.
> >
> > I have searched the archives and google and followed some suggestions to
> get
> > my files into the correct format but still have a problem.
> >
> > I am using Samba version 3.0.32-0.fc8 on Fedora 8, kernel
> 2.6.25.11-60.fc8
> >
> > I have detailed my krb5.conf, smb.conf, kinit cmd and debug output from
> my
> > net ads join cmd below.
> >
> > Can anyone offer me any pointers?
> > Is there anything I can get the windows admin to check?
> >
> > Thanks
> >
> > Tam
>
> >From looking at the debug info, it doesn't seem that 10.191.2.29 is
> answering properly.
>
> Ray
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] Join AD: no logon server

2008-10-28 Thread Tam McLaughlin

Thanks.
I can't figure out why the Windows server is not answering.
What information should I gather from the Windows folk regarding the AD
configuration that may help?


> >From looking at the debug info, it doesn't seem that 10.191.2.29 is
> answering properly.
>
> Ray
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/listinfo/samba
>
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] Join AD: no logon server

2008-10-23 Thread Tam McLaughlin

Hello,

I am trying to join my server to a Win2k AD domain.
I have configured kerberos and can get a ticket but when I try to join the
AD I get the error "Failed to join domain: No logon servers" as detailed
below.

I have searched the archives and google and followed some suggestions to get
my files into the correct format but still have a problem.

I am using Samba version 3.0.32-0.fc8 on Fedora 8, kernel 2.6.25.11-60.fc8

I have detailed my krb5.conf, smb.conf, kinit cmd and debug output from my
net ads join cmd below.

Can anyone offer me any pointers?
Is there anything I can get the windows admin to check?

Thanks

Tam



/etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = NSUK.NSC.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 forwardable = yes

[realms]
 NSUK.NSC.COM = {
  kdc= nsuk-ukdc3.nsuk.nsc.com
  admin_server   = nsuk-ukdc3.nsuk.nsc.com
  default_domain = nsuk.nsc.com
 }

[domain_realm]
 .nsuk.nsc.com = NSUK.NSC.COM
 nsuk.nsc.com = NSUK.NSC.COM

[appdefaults]
 pam = {
   debug = false
ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }


=
/etc/samba/smb.conf
=

[global]
workgroup = NSUK
netbios name = uklnxws01
security = ads
realm = NSUK.NSC.COM
password server = 10.191.2.29
encrypt passwords = yes
domain master = no
domain logons = no
local master = no
preferred master = no


==
kinit
==
#kinit  [EMAIL PROTECTED]
Password for [EMAIL PROTECTED]:
#klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: [EMAIL PROTECTED]

Valid starting ExpiresService principal
10/22/08 16:49:56  10/23/08 02:50:04  krbtgt/[EMAIL PROTECTED]
renew until 10/23/08 16:49:56
Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached


=
other
=

cat /etc/hosts
10.191.2.29 nsuk-ukdc3   nsuk-ukdc3.nsuk.nsc.com

cat /etc/resolv.conf
domain nsc.com
nameserver 10.191.2.29
nameserver x.x.x.x
nameserver y.y.y.y


nslookup nsuk-ukdc3.nsuk.nsc.com  & 10.191.2.29

returns ok

but

nslookup nsuk-ukdc3

does not unless I use nsuk-ukdc.nsuk.nsc.com

=

I have tried using: net ads join in a number of combinations including
without the -S and createcomputer but the debug output is effectively the
same:

# net ads  join  createcomputer="servers/unix" -Snsuk-
ukdc3.uk.nsc.com -d10
[2008/10/22 16:51:35, 5] lib/debug.c:debug_dump_status(391)
  INFO: Current debug levels:
all: True/10
tdb: False/0
printdrivers: False/0
lanman: False/0
smb: False/0
rpc_parse: False/0
rpc_srv: False/0
rpc_cli: False/0
passdb: False/0
sam: False/0
auth: False/0
winbind: False/0
vfs: False/0
idmap: False/0
quota: False/0
acls: False/0
locking: False/0
msdfs: False/0
dmapi: False/0

  Processing section "[global]"
  doing parameter workgroup = NSUK
  doing parameter netbios name = uklnxws01
[2008/10/22 16:51:35, 4] param/loadparm.c:handle_netbios_name(3153)
  handle_netbios_name: set global_myname to: UKLNXWS01
  doing parameter server string = Samba Server Version %v
  doing parameter security = ads
  doing parameter realm = NSUK.NSC.COM
  doing parameter password server = 10.191.2.29
  doing parameter encrypt passwords = yes
  doing parameter domain master = no
  doing parameter domain logons = no
  doing parameter local master = no
  doing parameter preferred master = no

2008/10/22 16:51:35, 4] param/loadparm.c:lp_load(5095)
  pm_process() returned Yes
[2008/10/22 16:51:35, 7] param/loadparm.c:lp_servicenumber(5233)
  lp_servicenumber: couldn't find homes
[2008/10/22 16:51:35, 10] param/loadparm.c:set_server_role(4339)
  set_server_role: role = ROLE_DOMAIN_MEMBER
[2008/10/22 16:51:35, 5] lib/iconv.c:smb_register_charset(105)
  Attempting to register new charset UCS-2LE

  Netbios name list:-
  my_netbios_names[0]="UKLNXWS01"
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
  added interface ip=10.191.164.102 bcast=10.191.164.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
  added interface ip=192.168.122.1 bcast=192.168.122.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
  added interface ip=192.168.87.1 bcast=192.168.87.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 2] lib/interface.c:add_interface(81)
  added interface ip=192.168.104.1 bcast=192.168.104.255 nmask=255.255.255.0
[2008/10/22 16:51:35, 5] lib/gencache.c:gencache_init(61)
  Opening cache file at /var/lib/samba/gencache.tdb
[2008/10/22 16:51:35, 10] lib/gencache.c:gencache_get(212)
  Cache entry with key = AD_SITENAME/DOMAIN/NSUK.NSC.

Re: [Samba] Join AD: no logon server

Re: [Samba] Join AD: no logon server

[Samba] Join AD: no logon server

3 matches

Site Navigation

Mail list logo

Footer information