LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices

Reply
 
Search this Thread
Old 01-29-2009, 05:09 PM   #1
finitelife
LQ Newbie
 
Registered: Jan 2009
Distribution: Slackware 12.2
Posts: 4

Rep: Reputation: 0
Active Directory (Slackware[12.2]+Samba[3.2.5]+OpenLDAP[2.3.43]+Kerberos5[1.6.3])


I have a Slackware computer that is having trouble joining the active directory domain. I have reconfigured everything i could think of and I have hit a wall (with my head repeatedly). Here is what I have done so far;
BTW- If i haven't listed it I probably haven't changed it from initial installation. Apply Slackware defaults liberally
Code:
vim /etc/openldap/ldap.conf
BASE dc=noamer, dc=foobar, dc=com
URI ldap://foo-na-rdc01.noamer.foobar.com
wget "http://repository.slacky.eu/slackware-12.0/network/kerberos/1.6.3/krb5-1.6.3-i486-1as.tgz"
installpkg krb5-1.6.3-i486-1as.tgz
cp /etc/krb5.conf.new /etc/krb5.conf
vim /etc/krb5.conf
[libdefaults]
	default_realm = NOAMER.FOOBAR.COM
	krb4_config = /usr/kerberos/lib/krb.conf
	krb4_realms = /usr/kerberos/lib/krb.realms

[realms]
	NOAMER.FOOBAR.COM = {
                kdc = FOO-NA-RDC01.NOAMER.FOOBAR.COM
		admin_server = FOO-NA-RDC01.NOAMER.FOOBAR.COM
		default_domain = NOAMER.FOOBAR.COM
	}

[domain_realm]
        .noamer.foobar.com = NOAMER.FOOBAR.COM
        noamer.foobar.com = NOAMER.FOOBAR.COM

[logging]
#	kdc = CONSOLE
removepkg samba
wget -r "ftp://carroll.cac.psu.edu/pub/linux/distributions/slackware/slackware-12.2/source/n/samba/"
vim samba.SlackBuild

CFLAGS="$SLKCFLAGS" ./configure \
  --enable-cups \
  --enable-static=no \
  --enable-shared=yes \
  --mandir=/usr/man \
  --with-fhs \
  --with-acl-support=yes \
  --with-automount \
  --prefix=/usr \
  --localstatedir=/var \
  --bindir=/usr/bin \
  --sbindir=/usr/sbin \
  --with-lockdir=/var/cache/samba \
  --sysconfdir=/etc \
  --with-configdir=/etc/samba \
  --with-privatedir=/etc/samba/private \
  --with-swatdir=/usr/share/swat \
  --with-smbmount \
  --with-quotas \
  --with-syslog \
  --with-utmp \
  --with-libsmbclient \
  --with-winbind \
  --with-ldap \
  --with-krb5 \
  --with-ads \
  --build=$ARCH-slackware-linux
chmod +x samba.SlackBuild
./samba.SlackBuild
installpkg /tmp/samba-3.2.5-i486-1.tgz
chmod +x /etc/rc.d/rc.samba
vim /etc/samba/smb.conf
   workgroup = NOAMER
   server string = FOO-BETA
   security = ads
   encrypt passwords = yes
   netbios name = FOO-BETA
;   load printers = yes
   password server = *
   realm = NOAMER.FOOBAR.COM
/etc/rc.d/rc.samba start
kinit CNSFOO@NOAMER.FOOBAR.COM
klist
Ticket cache: FILE:/tmp/krb5cc_0
Default principal: CNSFOO@NOAMER.FOOBAR.COM

Valid starting     Expires            Service principal
01/29/09 13:28:19  01/29/09 23:28:08  krbtgt/NOAMER.FOOBAR.COM@NOAMER.FOOBAR.COM
	renew until 01/30/09 13:28:19


Kerberos 4 ticket cache: /tmp/tkt0
klist: You have no tickets cached
net ads join -U CNSFOO@NOAMER.FOOBAR.COM
Failed to join domain: Invalid configuration and configuration modification was not requested
I know that CNSFOO has computer join permissions and I have tried adding the computer account manually in AD with similar results. When I changed the values workgroup and default_domain I got this output from net;

Code:
[2009/01/29 16:50:37,  0] libads/kerberos.c:ads_kinit_password(356)
  kerberos_kinit_password CNSFOO@NOAMER.FOO.COM@NOAMER.FOO.COM failed: Malformed representation of principal
Failed to join domain: failed to connect to AD: Malformed representation of principal
I am stumped. Two days wasted so far. Any ideas? Information will be made available upon request.
 
Old 01-29-2009, 06:21 PM   #2
Didier Spaier
Senior Member
 
Registered: Nov 2008
Location: Paris, France
Distribution: Slackware{,64}-{14.1,current} on a Lenovo Thinkpad T61 6457-4XG
Posts: 4,644

Rep: Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231Reputation: 1231
May be nothing related to your problem, just wondering...
- Why did you take the package krb5-1.6.3-i486-1as.tgz from Slacky.eu 12.0 repository instead of krb5-1.6.3-i486-2as.tgz from 12.2 repository . They are not the same, so this *could* cause problems.
- Why did you replace samba-3.2.7 shipped with Slackware by samba-3.2.5 ?

Last edited by Didier Spaier; 01-29-2009 at 06:23 PM.
 
Old 06-15-2009, 11:14 AM   #3
finitelife
LQ Newbie
 
Registered: Jan 2009
Distribution: Slackware 12.2
Posts: 4

Original Poster
Rep: Reputation: 0
Just to revisit this- I have applied the suggested changes with the exact same results. It has been a few months. Any fresh ideas? The I have already Googled/RTM. Still stuck.
 
Old 12-16-2011, 07:28 PM   #4
DragonM15
Member
 
Registered: Sep 2003
Location: USA
Distribution: Slackware (Multiple Versions)
Posts: 455

Rep: Reputation: 31
Sorry for bringing up an old post. I also know that slackware 12.2 has been around for a while. That aside, did you figure out your issue?

Thanks,
DragonM15
 
  


Reply

Tags
kerberos, openldap, samba


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
importing users from active directory into openldap and get working with samba kcorupe Linux - Server 2 11-18-2009 11:26 AM
OpenLDAP query Active Directory noir911 Linux - Server 0 04-30-2008 07:18 AM
OpenLDAP and Active Directory custangro Linux - Enterprise 1 01-05-2008 02:55 AM
Active Directory vs. OpenLDAP msteiner Linux - Software 1 10-30-2007 01:09 PM
openldap and active directory akismax Linux - Enterprise 1 07-21-2006 06:50 PM


All times are GMT -5. The time now is 08:37 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration