Re: [Samba] ADS Join on Windows 2008 domain not working in 3.0.25b?

2007-07-09 Thread Todd Stecher 


On Jul 3, 2007, at 3:04 PM, Eddie Tse wrote:

Using samba 3.0.25b, testing to join to a Windows 2008 domain using  
ADS security with kerberos and it doesn't seem to work.  Anybody  
else tried this combination?


Ironic - this is the issue I was just describing in the mail " SPNEGO  
in Samba" .  I'm working on getting this fixed.  Stay tuned.



Todd Stecher | Windows Interop Dev
Isilon SystemsP +1-206-315-7500 F  +1-206-315-7501
www.isilon.comD +1-206-315-7638M +1-425-205-1180



--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

Re: [Samba] ADS Join on Windows 2008 domain not working in 3.0.25b?

2007-07-06 Thread Gerald (Jerry) Carter 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Eddie Tse wrote:
> Hi,
> 
> Using samba 3.0.25b, testing to join to a Windows 2008 domain using ADS
> security with kerberos and it doesn't seem to work.  Anybody else tried
> this combination?

There's a few huckups that we're working on with Longhorn.





cheers, jerry
=
Samba--- http://www.samba.org
Centeris ---  http://www.centeris.com
"What man is a man who does not make the world better?"  --Balian
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFGjlAAIR7qMdg1EfYRAn9GAKDNXTo+g1MsTQSwhOCjzvfVkzJQUACgiF31
WB5t2GNMa/hWJNbZ6po/lWA=
=AV/T
-END PGP SIGNATURE-
-- 
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba

[Samba] ADS Join on Windows 2008 domain not working in 3.0.25b?

2007-07-03 Thread Eddie Tse 

Hi,

Using samba 3.0.25b, testing to join to a Windows 2008 domain using ADS 
security with kerberos and it doesn't seem to work.  Anybody else tried this 
combination?


Same configuration worked joining to a Windows 2003 R2 domain.


I'm not a samba expert but looking at the log it looks like the 
[EMAIL PROTECTED] have something to do with it?



Output from "net ads join"

[2007/07/04 08:02:12, 3] libads/ldap.c:ads_connect(394)
 Connected to LDAP server 192.168.x.x
[2007/07/04 08:02:12, 4] libads/ldap.c:ads_current_time(2414)
 time offset is 0 seconds
[2007/07/04 08:02:12, 4] libads/sasl.c:ads_sasl_bind(521)
 Found SASL mechanism GSS-SPNEGO
[2007/07/04 08:02:12, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2007/07/04 08:02:12, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2007/07/04 08:02:12, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2007/07/04 08:02:12, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2007/07/04 08:02:12, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
 ads_sasl_spnego_bind: got server principal name = 
[EMAIL PROTECTED]

[2007/07/04 08:02:12, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593)
 ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2007/07/04 08:02:13, 1] libsmb/clikrb5.c:ads_krb5_mk_req(602)
 ads_krb5_mk_req: krb5_get_credentials failed for 
[EMAIL PROTECTED] (Server not found in Kerberos database)

[2007/07/04 08:02:13, 1] utils/net_ads.c:net_ads_join(1470)
 error on ads_startup: Server not found in Kerberos database
Failed to join domain: Improperly formed account name



Output from "net ads testjoin"

[2007/07/04 07:57:00, 3] libads/ldap.c:ads_connect(394)
 Connected to LDAP server 192.168.x.x
[2007/07/04 07:57:00, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2007/07/04 07:57:00, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2007/07/04 07:57:00, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2007/07/04 07:57:00, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2007/07/04 07:57:00, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
 ads_sasl_spnego_bind: got server principal name = 
[EMAIL PROTECTED]

[2007/07/04 07:57:00, 3] libsmb/clikrb5.c:ads_krb5_mk_req(593)
 ads_krb5_mk_req: krb5_cc_get_principal failed (No credentials cache found)
[2007/07/04 07:57:04, 1] libsmb/clikrb5.c:ads_krb5_mk_req(602)
 ads_krb5_mk_req: krb5_get_credentials failed for 
[EMAIL PROTECTED] (Server not found in Kerberos database)

[2007/07/04 07:57:04, 3] libsmb/namequery.c:get_dc_list(1489)
 get_dc_list: preferred server list: "192.168.x.x, xxx.xxx.xxx"
[2007/07/04 07:57:04, 3] libads/ldap.c:ads_connect(394)
 Connected to LDAP server 192.168.x.x
[2007/07/04 07:57:04, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 48018 1 2 2
[2007/07/04 07:57:04, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2
[2007/07/04 07:57:04, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 2 840 113554 1 2 2 3
[2007/07/04 07:57:04, 3] libads/sasl.c:ads_sasl_spnego_bind(213)
 ads_sasl_spnego_bind: got OID=1 3 6 1 4 1 311 2 2 10
[2007/07/04 07:57:04, 3] libads/sasl.c:ads_sasl_spnego_bind(222)
 ads_sasl_spnego_bind: got server principal name = 
[EMAIL PROTECTED]

[2007/07/04 07:57:07, 1] libsmb/clikrb5.c:ads_krb5_mk_req(602)
 ads_krb5_mk_req: krb5_get_credentials failed for 
[EMAIL PROTECTED] (Server not found in Kerberos database)

[2007/07/04 07:57:11, 1] libsmb/clikrb5.c:ads_krb5_mk_req(602)
 ads_krb5_mk_req: krb5_get_credentials failed for 
[EMAIL PROTECTED] (Server not found in Kerberos database)

Join to domain is not valid: Improperly formed account name
[2007/07/04 07:57:11, 2] utils/net.c:main(1032)
 return code = -1





--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/listinfo/samba