Cannot join RHEL5 server to Windows 2003 SP2 Domain
Using the steps as per the RHEL-AD document (http://blog.scottlowe.org/2007/01/15/linux-ad-integration-version-4/), but I am unable to join a RHEL5 server to the Windows domain. This server does NOT use Winbind, so don't even offer that configuration as we have gotten the RHEl-AD documented steps to work in other server environments fine.
Samba Version: 3.0.33-3.39.el5_8 (and no this cannot be upgraded)
When I use the 'testjoin' command, it shows the information given is fine:
But when I attempt to actually join the server to the domain, it errors out:
[root@sanbweb1 ~]# net ads join -U mworsham@GPOTEST.LOCALmworsham@GPOTEST.LOCAL's password:Using short domain name -- GPOTESTCould not connect to server Proj-DC.GPOTEST.LOCALThe username or password was not correct.[2013/01/03 12:57:04, 0, effective(0, 0), real(0, 0)] utils/net_rpc_join.c:net_rpc_join_ok(81) net_rpc_join_ok: failed to get schannel session key from server Proj-DC.GPOTEST.LOCAL for domain GPOTEST. Error was NT_STATUS_ACCESS_DENIEDFailed to verify membership in domain!Failed to join domain: Success
Michael WorshamConnect With a MentorInfrastructure / Solutions ArchitectAuthor Commented:
Actually found a working solution by using the PowerBroker® Identity Services, Open Edition application. Just downloaded and installed the application, restarted the SSH daemon and then ran the command-line way to join the RHEL server to the Windows domain. Worked like a charm the first time.
At Springboard, we know how to get you a job in data science. With Springboard’s Data Science Career Track, you’ll master data science with a curriculum built by industry experts. You’ll work on real projects, and get 1-on-1 mentorship from a data scientist.
Michael WorshamInfrastructure / Solutions ArchitectAuthor Commented:
@Sandeep: Winbind is not an option. The code works as we have another whole domain working fine. We just think it's a problem with the Samba SMB.conf configuration w/ Windows side.
Michael WorshamInfrastructure / Solutions ArchitectAuthor Commented:
Once Kerberos / LDAP authentication works, just by adding this application and restarting the SSH daemon, the server was easily joined to the Windows AD domain.
0
Question has a verified solution.
Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.
>> domainjoin-cli join example.local Administrator
Reference:
http://download1.beyondtrust.com/Technical-Support/Downloads/PowerBroker-Identity-Services-Open-Edition/?Pass=True