|
Improperly Formed Account Name When Adding SUSE 10 to Windows Domain
Hello,
I have a SUSE 10 SP 2 server that needs to get added to a Windows Active Directory domain and registered in DNS. Samba is 3.0.28-0.5. I tried to join the domain with the following command:
/usr/bin/net ads join -U MyDomainAdd%MyDomainPW
The response is
Failed to join domain: Improperly formed account name
I tried to register in DNS with the following command:
/usr/bin/net ads dns register -U MyDomainAdd% MyDomainPW
There is no response of any kind, but the system does not get added in the Windows DNS.
I previously enabled kerberos and can successfully do a kinit MyDomainAdd. After supplying the password, the klist command shows a valid ticket has been issued for the user MyDomainAdd.
The clock is synchronized with the domain controller.
In preparing for the domain add / dns register, I configured the krb5.conf and smb.conf files with settings that have worked for us on Red Hat Enterprise Linux 5.4.
The krb5.conf file reads as follows:
[logging]
default = SYSLOG:INFO:LOCAL7
default_realm = MYDOMAIN.US.COM
[libdefaults]
clock_skew = 300
default_realm = MYDOMAIN.US.COM
default_tgs_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5
default_tkt_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5
preferred_enctypes = RC4-HMAC DES-CBC-CRC DES-CBC-MD5
ticket_lifetime = 24000
dns_lookup_kdc=false
[realms]
MYDOMAIN.US.COM= {
kdc = 192.62.96.66:88
admin_server = 192.62.96.66:464
default_domain = 192.62.96.66
}
[domain_realm]
.MYDOMAIN.US.COM = MYDOMAIN.US.COM
MYDOMAIN.US.COM = MYDOMAIN.US.COM
The smb.conf file reads as follows:
# smb.conf is the main Samba configuration file. You find a full commented
# version at /usr/share/doc/packages/samba/examples/smb.conf.SUSE if the
# samba-doc package is installed.
# Date: 2008-04-23
[global]
workgroup = MYDOMAIN
use kerberos keytab = true
security = ads
realm = MYDOMAIN.US.COM
printing = cups
printcap name = cups
printcap cache time = 750
cups options = raw
map to guest = Bad User
include = /etc/samba/dhcp.conf
logon path = \\%L\profiles\.msprofile
logon home = \\%L\%U\.9xprofile
logon drive = P:
usershare allow guests = Yes
[homes]
comment = Home Directories
valid users = %S, %D%w%S
browseable = No
read only = No
inherit acls = Yes
[profiles]
comment = Network Profiles Service
path = %H
read only = No
store dos attributes = Yes
create mask = 0600
directory mask = 0700
[users]
comment = All users
path = /home
read only = No
inherit acls = Yes
veto files = /aquota.user/groups/shares/
[groups]
comment = All groups
path = /home/groups
read only = No
inherit acls = Yes
[printers]
comment = All Printers
path = /var/tmp
printable = Yes
create mask = 0600
browseable = No
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
Can anyone suggest what needs to be done to fix or further diagnose these problems? I'm a Linux newbie.
Thanks in advance!
Joseph
|
Problem Resolved
