[Samba] net ads join failed
This is a discussion on [Samba] net ads join failed within the Samba forums, part of the Networking and Network Related category; Hi, I am trying to join a samba server to my AD directory but if fails: [root@localhost postfix]# net ...
|
|||||||
| FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
09-04-2008
|
|||
|
|||
[Samba] net ads join failed
Hi,
I am trying to join a samba server to my AD directory but if fails: [root@localhost postfix]# net ads join -U apacci@ACME apacci@ACNEU's password: [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228) kerberos_kinit_password apacci@ACME failed: Cannot resolve network address for KDC in requested realm Failed to join domain: Undetermined error [root@localhost postfix]# net ads join -U apacci@EU.ACME.COM apacci@EU.ACME.COM's password: Using short domain name -- ACME Failed to set servicePrincipalNames. Please ensure that the DNS domain of this server matches the AD domain, Or rejoin with using Domain Admin credentials. Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM' Failed to join domain: Type or value exists There is no computer account named amsdev-dv10 in my directory. kinit doesn't return anything [root@localhost postfix]# kinit apacci Password for apacci@EU.ACME.COM: My resolv.conf is ok.I can ping and resolve hosts in my AD. My /etc/host file is basic: ::1 localhost.localdomain localhost amsdev-dv10 The username is domain admin. My krb5.conf is as follow: [libdefaults] default_realm = EU.ACME.COM dns_lookup_realm = false dns_lookup_kdc = false ticket_lifetime = 24h forwardable = yes [realms] EU.ACME.COM = { kdc = amsterdam-dc02.eu.acme.com kdc = amsterdam-dc01.eu.acme.com admin_server = amsterdam-dc02.eu.acme.com master_kdc = amsterdam-dc02.eu.acme.com default_domain = eu.acme.com } [domain_realm] eu.acme.com = EU.ACME.COM .eu.acme.com = EU.ACME.COM .acme.com = EU.ACME.COM acme.com = EU.ACME.COM [kdc] profile = /etc/kdc.conf smb.conf [global] workgroup = ACME password server = 10.130.12.100 realm = EU.ACME.COM security = ADS idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind separator = + template shell = /bin/false winbind use default domain = true winbind offline logon = false server string = Samba Server Version %v passdb backend = tdbsam preferred master = No wins server = 10.130.10.100 ldap ssl = no winbind enum users = Yes winbind enum groups = Yes [homes] comment = Home Directories read only = No browseable = No -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba 
|
|
09-04-2008
|
|||
|
|||
|
[Samba] Re: net ads join failed
Apparently something is wrong with my hosts file. I have changed it and now
get a much better result: [root@amsdev-dv10 ~]# net ads join -U apacci@EU.ACME.COM apacci@EU.ACME.COM's password: Using short domain name -- ACME DNS update failed! Joined 'AMSDEV-DV10' to realm 'EU.ACME.COM' What the dns update failed means? 2008/9/4 Thomas Vito <shoktai@gmail.com> > Hi, > > I am trying to join a samba server to my AD directory but if fails: > > [root@localhost postfix]# net ads join -U apacci@ACME > apacci@ACNEU's password: > [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228) > kerberos_kinit_password apacci@ACME failed: Cannot resolve network > address for KDC in requested realm > Failed to join domain: Undetermined error > > [root@localhost postfix]# net ads join -U apacci@EU.ACME.COM > apacci@EU.ACME.COM's password: > Using short domain name -- ACME > Failed to set servicePrincipalNames. Please ensure that > the DNS domain of this server matches the AD domain, > Or rejoin with using Domain Admin credentials. > Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM' > Failed to join domain: Type or value exists > > There is no computer account named amsdev-dv10 in my directory. > > kinit doesn't return anything > [root@localhost postfix]# kinit apacci > Password for apacci@EU.ACME.COM: > > My resolv.conf is ok.I can ping and resolve hosts in my AD. My /etc/host > file is basic: > ::1 localhost.localdomain localhost amsdev-dv10 > > The username is domain admin. > > My krb5.conf is as follow: > > [libdefaults] > default_realm = EU.ACME.COM > dns_lookup_realm = false > dns_lookup_kdc = false > ticket_lifetime = 24h > forwardable = yes > > [realms] > > EU.ACME.COM = { > kdc = amsterdam-dc02.eu.acme.com > kdc = amsterdam-dc01.eu.acme.com > admin_server = amsterdam-dc02.eu.acme.com > master_kdc = amsterdam-dc02.eu.acme.com > default_domain = eu.acme.com > } > > [domain_realm] > > eu.acme.com = EU.ACME.COM > .eu.acme.com = EU.ACME.COM > .acme.com = EU.ACME.COM > acme.com = EU.ACME.COM > [kdc] > profile = /etc/kdc.conf > > smb.conf > > [global] > > workgroup = ACME > password server = 10.130.12.100 > realm = EU.ACME.COM > security = ADS > idmap uid = 16777216-33554431 > idmap gid = 16777216-33554431 > winbind separator = + > template shell = /bin/false > winbind use default domain = true > winbind offline logon = false > > > server string = Samba Server Version %v > passdb backend = tdbsam > preferred master = No > wins server = 10.130.10.100 > ldap ssl = no > winbind enum users = Yes > winbind enum groups = Yes > > [homes] > comment = Home Directories > read only = No > browseable = No > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
09-04-2008
|
|||
|
|||
|
Re: [Samba] Re: net ads join failed
It means that your primary DNS server does not support dynamic updates.
On Thu, 2008-09-04 at 16:54 +0200, Thomas Vito wrote: > Apparently something is wrong with my hosts file. I have changed it and now > get a much better result: > [root@amsdev-dv10 ~]# net ads join -U apacci@EU.ACME.COM > apacci@EU.ACME.COM's password: > Using short domain name -- ACME > DNS update failed! > Joined 'AMSDEV-DV10' to realm 'EU.ACME.COM' > > What the dns update failed means? > > > 2008/9/4 Thomas Vito <shoktai@gmail.com> > > > Hi, > > > > I am trying to join a samba server to my AD directory but if fails: > > > > [root@localhost postfix]# net ads join -U apacci@ACME > > apacci@ACNEU's password: > > [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228) > > kerberos_kinit_password apacci@ACME failed: Cannot resolve network > > address for KDC in requested realm > > Failed to join domain: Undetermined error > > > > [root@localhost postfix]# net ads join -U apacci@EU.ACME.COM > > apacci@EU.ACME.COM's password: > > Using short domain name -- ACME > > Failed to set servicePrincipalNames. Please ensure that > > the DNS domain of this server matches the AD domain, > > Or rejoin with using Domain Admin credentials. > > Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM' > > Failed to join domain: Type or value exists > > > > There is no computer account named amsdev-dv10 in my directory. > > > > kinit doesn't return anything > > [root@localhost postfix]# kinit apacci > > Password for apacci@EU.ACME.COM: > > > > My resolv.conf is ok.I can ping and resolve hosts in my AD. My /etc/host > > file is basic: > > ::1 localhost.localdomain localhost amsdev-dv10 > > > > The username is domain admin. > > > > My krb5.conf is as follow: > > > > [libdefaults] > > default_realm = EU.ACME.COM > > dns_lookup_realm = false > > dns_lookup_kdc = false > > ticket_lifetime = 24h > > forwardable = yes > > > > [realms] > > > > EU.ACME.COM = { > > kdc = amsterdam-dc02.eu.acme.com > > kdc = amsterdam-dc01.eu.acme.com > > admin_server = amsterdam-dc02.eu.acme.com > > master_kdc = amsterdam-dc02.eu.acme.com > > default_domain = eu.acme.com > > } > > > > [domain_realm] > > > > eu.acme.com = EU.ACME.COM > > .eu.acme.com = EU.ACME.COM > > .acme.com = EU.ACME.COM > > acme.com = EU.ACME.COM > > [kdc] > > profile = /etc/kdc.conf > > > > smb.conf > > > > [global] > > > > workgroup = ACME > > password server = 10.130.12.100 > > realm = EU.ACME.COM > > security = ADS > > idmap uid = 16777216-33554431 > > idmap gid = 16777216-33554431 > > winbind separator = + > > template shell = /bin/false > > winbind use default domain = true > > winbind offline logon = false > > > > > > server string = Samba Server Version %v > > passdb backend = tdbsam > > preferred master = No > > wins server = 10.130.10.100 > > ldap ssl = no > > winbind enum users = Yes > > winbind enum groups = Yes > > > > [homes] > > comment = Home Directories > > read only = No > > browseable = No > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
|
09-04-2008
|
|||
|
|||
|
Re: [Samba] Re: net ads join failed
Indeed.
After a record dns creation everything works fine 2008/9/4 Hoover, Tony <hoover@sal.ksu.edu> > It means that your primary DNS server does not support dynamic updates. > > > On Thu, 2008-09-04 at 16:54 +0200, Thomas Vito wrote: > > Apparently something is wrong with my hosts file. I have changed it and > now > > get a much better result: > > [root@amsdev-dv10 ~]# net ads join -U apacci@EU.ACME.COM > > apacci@EU.ACME.COM's password: > > Using short domain name -- ACME > > DNS update failed! > > Joined 'AMSDEV-DV10' to realm 'EU.ACME.COM' > > > > What the dns update failed means? > > > > > > 2008/9/4 Thomas Vito <shoktai@gmail.com> > > > > > Hi, > > > > > > I am trying to join a samba server to my AD directory but if fails: > > > > > > [root@localhost postfix]# net ads join -U apacci@ACME > > > apacci@ACNEU's password: > > > [2008/09/04 15:12:45, 0] libads/kerberos.c:ads_kinit_password(228) > > > kerberos_kinit_password apacci@ACME failed: Cannot resolve network > > > address for KDC in requested realm > > > Failed to join domain: Undetermined error > > > > > > [root@localhost postfix]# net ads join -U apacci@EU.ACME.COM > > > apacci@EU.ACME.COM's password: > > > Using short domain name -- ACME > > > Failed to set servicePrincipalNames. Please ensure that > > > the DNS domain of this server matches the AD domain, > > > Or rejoin with using Domain Admin credentials. > > > Deleted account for 'AMSDEV-DV10' in realm 'EU.ACME.COM' > > > Failed to join domain: Type or value exists > > > > > > There is no computer account named amsdev-dv10 in my directory. > > > > > > kinit doesn't return anything > > > [root@localhost postfix]# kinit apacci > > > Password for apacci@EU.ACME.COM: > > > > > > My resolv.conf is ok.I can ping and resolve hosts in my AD. My > /etc/host > > > file is basic: > > > ::1 localhost.localdomain localhost amsdev-dv10 > > > > > > The username is domain admin. > > > > > > My krb5.conf is as follow: > > > > > > [libdefaults] > > > default_realm = EU.ACME.COM > > > dns_lookup_realm = false > > > dns_lookup_kdc = false > > > ticket_lifetime = 24h > > > forwardable = yes > > > > > > [realms] > > > > > > EU.ACME.COM = { > > > kdc = amsterdam-dc02.eu.acme.com > > > kdc = amsterdam-dc01.eu.acme.com > > > admin_server = amsterdam-dc02.eu.acme.com > > > master_kdc = amsterdam-dc02.eu.acme.com > > > default_domain = eu.acme.com > > > } > > > > > > [domain_realm] > > > > > > eu.acme.com = EU.ACME.COM > > > .eu.acme.com = EU.ACME.COM > > > .acme.com = EU.ACME.COM > > > acme.com = EU.ACME.COM > > > [kdc] > > > profile = /etc/kdc.conf > > > > > > smb.conf > > > > > > [global] > > > > > > workgroup = ACME > > > password server = 10.130.12.100 > > > realm = EU.ACME.COM > > > security = ADS > > > idmap uid = 16777216-33554431 > > > idmap gid = 16777216-33554431 > > > winbind separator = + > > > template shell = /bin/false > > > winbind use default domain = true > > > winbind offline logon = false > > > > > > > > > server string = Samba Server Version %v > > > passdb backend = tdbsam > > > preferred master = No > > > wins server = 10.130.10.100 > > > ldap ssl = no > > > winbind enum users = Yes > > > winbind enum groups = Yes > > > > > > [homes] > > > comment = Home Directories > > > read only = No > > > browseable = No > > > > > > > > > > > > > > > > > -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
|
Linear Mode
