Help! Cannot get Samba to work!
I am having a nightmare getting a new Solaris server to join a domain in order to access some samba shares.
krb5.conf
Every time I try the net ads join -U administrator command, I get:
# net ads join -U administrator
Enter administrator's password:
[2014/09/25 08:29:27.672173, 0] libads/kerberos.c:333()
kerberos_kinit_password administrator@INTERNAL.OUR
Failed to join domain: failed to connect to AD: Preauthentication failed
I am a newbie to unix/samba and I am learning as I go, so your help is appreciated!
[global]
workgroup = OURDOMAIN
realm = INTERNAL.OURDOMAIN.COM
server string = Maginus SUN2014, Samba %v
interfaces = 172.XX.X.X
security = ADS
password server = *
server signing = auto
client signing = auto
map to guest = Bad Password
guest account = web
preferred master = Auto
wins server = 172.XX.X.X, 172.XX.X.X, 172.XX.X.X
idmap uid = 10000-20000
idmap gid = 10000-20000
template shell = /bin/bash
winbind enum users = Yes
winbind enum groups = Yes
[home_report]
comment = Home Report for Res Bulk Pick Lists
path = /home/report
guest only = Yes
guest ok = Yeskrb5.conf
[libdefaults]
default_realm = INTERNAL.OURDOMAIN.COM
[realms]
INTERNAL.OURDOMAIN.COM = {
kdc = DC1.INTERNAL.OURDOMAIN.COM
kdc = DC2.INTERNAL.OURDOMAIN.COM
kdc = DC3.INTERNAL.OURDOMAIN.COM
admin_server = DC1.INTERNAL.OURDOMAIN.COM
}
[domain_realm]
OURDOMAIN = INTERNAL.OURDOMAIN.COM
[logging]
default = FILE:/var/krb5/kdc.log
kdc = FILE:/var/krb5/kdc.log
kdc_rotate = {
# How often to rotate kdc.log. Logs will get rotated no more
# often than the period, and less often if the KDC is not used
# frequently.
period = 1d
# how many versions of kdc.log to keep around (kdc.log.0, kdc.log.1, ...)
versions = 10
}
[appdefaults]
kinit = {
renewable = true
forwardable= true
}
gkadmin = {
help_url = http://docs.sun.com:80/ab2/coll.384.1/SEAM/@AB2PageView/1195
}Every time I try the net ads join -U administrator command, I get:
# net ads join -U administrator
Enter administrator's password:
[2014/09/25 08:29:27.672173, 0] libads/kerberos.c:333()
kerberos_kinit_password administrator@INTERNAL.OUR
Failed to join domain: failed to connect to AD: Preauthentication failed
I am a newbie to unix/samba and I am learning as I go, so your help is appreciated!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
resolved with help of external support
ASKER
Only odd thing is myself and one other user (in my department) still cannot browse to the shares, everyone else is OK. Any ideas what might cause this?