Hi all,
I'm not having any success adding samba (3.0.28 on Solaris 10) to a Windows
AD server (2003 R2) per the instructions here: (In addition to much
googling)
http://us3.samba.org/samba/docs/man/Samba-Guide/unixclients.html#adssdm
The error is:
bash-3.00# /usr/sfw/sbin/net ads join -U Administrator
Administrator's password:
Using short domain name -- BETA
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
Deleted account for 'SOLARIS' in realm 'BETA.LOCAL'
Failed to join domain: Type or value exists
Thanks for you help. More information below.
Windows AD domain name: beta.local
Background:
bash-3.00# hostname
solaris
bash-3.00# domainname
beta.local
smb.conf -
[global]
log level = 1
syslog = 0
log file = /var/log/samba/%m
max log size = 50
idmap uid = 1-2
idmap gid = 1-2
winbind separator = +
workgroup = beta
server string = Samba
security = ADS
-
/etc/krb5/krb5.conf--
[libdefaults]
default_realm = BETA.local
[realms]
BETA.local = {
kdc = will-ea96ec1f1e.beta.local:
default_domain = beta.local
}
[domain_realm]
BETA.local = BETA.local
.BETA.local = BETA.local
[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
kdc_rotate = {
period = 1d
versions = 10
}
[appdefaults]
kinit = {
renewable = true
forwardable= true
}
gkadmin = {
help_url =
http://docs.sun.com:80/ab2/coll.384.1/SEAM/@AB2PageView/1195}
---
bash-3.00# /usr/sfw/sbin/net ads join -U Administrator -d3
[2008/11/13 17:43:35, 3] param/loadparm.c:(5031)
lp_load: refreshing parameters
[2008/11/13 17:43:35, 3] param/loadparm.c:(1430)
Initialising global parameters
[2008/11/13 17:43:35, 3] param/params.c:(572)
params.c:pm_process() - Processing configuration file "/etc/sfw/smb.conf"
[2008/11/13 17:43:35, 3] param/loadparm.c:(3770)
Processing section "[global]"
[2008/11/13 17:43:35, 2] lib/interface.c:(81)
added interface ip=192.168.0.10 bcast=192.168.0.255 nmask=255.255.255.0
[2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489)
get_dc_list: preferred server list: "192.168.0.1, *"
[2008/11/13 17:43:35, 3] libads/ldap.c:(394)
Connected to LDAP server 192.168.0.1
[2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489)
get_dc_list: preferred server list: "192.168.0.1, *"
[2008/11/13 17:43:35, 3] libsmb/namequery.c:(1489)
get_dc_list: preferred server list: "192.168.0.1, *"
Administrator's password:
[2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489)
get_dc_list: preferred server list: "192.168.0.1, *"
[2008/11/13 17:43:41, 3] libads/ldap.c:(394)
Connected to LDAP server 192.168.0.1
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/11/13 17:43:41, 3] libads/sasl.c:(222)
ads_sasl_spnego_bind: got server principal name =
[EMAIL PROTECTED]
[2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(593)
ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache file
found)
[2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Fri, 14 Nov 2008 03:43:38 EST
[2008/11/13 17:43:41, 3] libsmb/namequery.c:(1489)
get_dc_list: preferred server list: "192.168.0.1, *"
[2008/11/13 17:43:41, 3] libads/ldap.c:(394)
Connected to LDAP server 192.168.0.1
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2008/11/13 17:43:41, 3] libads/sasl.c:(213)
ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2008/11/13 17:43:41, 3] libads/sasl.c:(222)
ads_sasl_spnego_bind: got server principal name =
[EMAIL PROTECTED]
[2008/11/13 17:43:41, 3] libsmb/clikrb5.c:(528)
ads_cleanup_expired_creds: Ticket in ccache[MEMORY:net_ads] expiration
Fri, 14 Nov 2008 03:43:38 EST
[2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(1509)
Connecting to host=will-ea96ec1f1e.beta.local
[2008/11/13 17:43:41, 3] lib/util_sock.c:(874)
Connecting to 192.168.0.1 at port 445
[2008/11/13 17:43:41, 3] libsmb/cliconnect.c:(793)
Doing spnego session setup (blob length=115)
[2008/11/13 17: