Hi, I am using Samba to join AD.But have a problem with version 3.4.7 which not meet in version 3.2.5.
Here is my steps: in version 3.2.5 1. set smb.conf and krb5.conf the realm to test.com; in smb.conf set use kerberos keytab = true 2. net ads join -U Administrator%Password createupn=t...@test.com createcomputer="Computers" 3. net ads keytab create The three steps will have no error and all successfully, the use klist, the ldap/ds1.test....@test.com ticket will available in the output. But in version 3.4.7 1. set smb.conf and krb5.conf the realm to test.com; in smb.conf kerberos method = system keytab 2. net ads join -U Administrator%Password createupn=t...@test.com createcomputer="Computers" 3. net ads keytab create Step 1 and Step 2 will successfully. But when I run step 3, it ask me to input root's password, the did not happen when using version 3.2.5. Then I have to use net ads keytab create -U Administrator%Password to make it running successfully, but after this when I use klist, the ldap/ds1.test....@test.com ticket does not exist. So what happens and how can I make it like the version 3.2.5 ? When I try to use net -k ads keytab create, the exit value will be -1 and when I add debug information, the error will be : ads_krb5_mk_req: krb5_get_credentials failed ( ldap/ds1.test....@test.com) ( Cannot find ticket for requested realm) Can anyone help me ? Thanks very much in advance ! -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/options/samba
