* [gentoo-user] Could not join to Windows 2k3 domain: Failed to set servicePrincipalNames
@ 2008-05-16 12:21 Vladimir Rusinov
0 siblings, 0 replies; only message in thread
From: Vladimir Rusinov @ 2008-05-16 12:21 UTC (permalink / raw
To: Gentoo User List
[-- Attachment #1: Type: text/plain, Size: 3057 bytes --]
Hello!
I'm trying to join my Gentoo box to Windows 2003 domain and I need some
help.
I've set up smb.conf,. krb5.conf, got a krb ticket, but I'm not able to join
domain:
# net ads join -U admin@CORP.MY.DOMAIN -d2
[2008/05/16 16:13:11, 2] lib/interface.c:add_interface(81)
added interface ip=192.168.5.21 bcast=192.168.5.255 nmask=255.255.255.0
admin@CORP.MY.DOMAIN's password:
[2008/05/16 16:13:13, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(613)
Doing kerberos session setup
Using short domain name -- CORP
Failed to set servicePrincipalNames. Please ensure that
the DNS domain of this server matches the AD domain,
Or rejoin with using Domain Admin credentials.
[2008/05/16 16:13:13, 2] libsmb/cliconnect.c:cli_session_setup_kerberos(613)
Doing kerberos session setup
Deleted account for 'RUVRN-NIX01' in realm 'CORP.MY.DOMAIN'
Failed to join domain: Type or value exists
[2008/05/16 16:13:13, 2] utils/net.c:main(1036)
return code = -1
smb.conf:
[global]
workgroup = CORP
realm = CORP.MY.DOMAIN <http://CORP.MURANOSOFT.COM>
server string = samba-%v
printcap name = cups
load printers = yes
printing = cups
log file = /var/log/samba/log.%m
max log size = 50
hosts allow = 192.168.1. 127.
use sendfile = yes
map to guest = bad user
security = ads
encrypt passwords = yes
winbind use default domain = yes
socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
local master = no
domain logons = no
idmap uid = 10000-20000
idmap gid = 10000-20000
wins server = CORP.MY.DOMAIN
wins proxy = no
dns proxy = yes
dos charset = 866
unix charset = UTF-8
krb5.conf:
[libdefaults]
ticket_lifetime = 600
default_realm = CORP.MY.DOMAIN
default_etypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_etypes_des = des3-hmac-sha1 des-cbc-crc des-cbc-md5
[realms]
CORP.MY.DOMAIN = {
kdc = zaz.corp.my.domain:88
admin_server = zaz.corp.my.domain:749
}
[domain_realm]
.corp.my.domain = CORP.MY.DOMAIN
corp.my.domain = CORP.MY.DOMAIN
.my.domain = CORP.MY.DOMAIN
my.domain = CORP.MY.DOMAIN
corp = CORP.MY.DOMAIN
.corp = CORP.MY.DOMAIN
[logging]
kdc = SYSLOG
admin_server = SYSLOG
default = SYSLOG
[password_quality]
check_library = /usr/lib/sample_passwd_check.so
check_function = check_cracklib
installed packages:
net-fs/samba
Installed versions: 3.0.28(14:37:31 05/16/08)(ads cups fam
kernel_linux ldap pam python readline winbind -acl -async -automount -caps
-doc -examples -ipv6 -linguas_ja -linguas_pl -quotas -selinux -swat -syslog)
[D] app-crypt/mit-krb5
Installed versions: 1.6.3-r1(15:42:50 05/16/08)(-doc -ipv6 -krb4 -tcl)
# klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin@CORP.MY.DOMAIN
Valid starting Expires Service principal
05/16/08 15:54:41 05/16/08 16:04:41 krbtgt/CORP.MY.DOMAIN@CORP.MY.DOMAIN
--
Vladimir Rusinov
Voronezh, Russia
UNIX Admin @ Murano Software
[-- Attachment #2: Type: text/html, Size: 4622 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2008-05-16 12:21 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-05-16 12:21 [gentoo-user] Could not join to Windows 2k3 domain: Failed to set servicePrincipalNames Vladimir Rusinov
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox