Windows Active Directory and Ubuntu - LDAP
Hello,
I have a question. I tried for 2x6 hours (2 days) to fix this problem and searched all over the internet.

I have a WIN2003 Server as a primary domain controller: DOMEIN.NET
The IP address is 192.168.1.2
FQDN: win2003.domein.net
Username: Administrator
Password: P@ssword

and I have a UBUNTU machine.
IP address is 192.168.1.3
FQDN: ubuntus2.domein.net
Username: ubuntu
Password: P@ssword
Root username: root
Password: P@ssword

UBUNTUS2 is connected to the domain name DOMEIN.NET with use of LIKEWISE-OPEN. Now I want to use SAMBA with WINBIND (of course IF this is possible). I want to use SAMBA for FILE/PRINTER SHARING and to log on to UBUNTU with WIN2003 ADS users. This does work with LIKEWISE, but I want to use SAMBA.

I am using webmin to configure different options. This is to make it simple for myself, because my knowledge of UBUNTU is basic and I really need some GUI interfaces.

When I try to bind my UBUNTU machine to the domain with the use of WINBIND I get the following error:
Quote:
Quote:
What am I doing wrong here? Can anyone help me out please? Thank you!
Actually, when you want to join a Linux machine to a Windows domain, it uses Kerberos authentication. Show me your /etc/krb5.conf and I will tell you where the problem is.
P.S. I suppose you have your /etc/hosts and /etc/resolv configured properly?
Quote:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log

[libdefaults]
default_realm = DOMEIN.NET
dns_lookup_realm = true
dns_lookup_kdc = true
ticket_lifetime = 24h
forwardable = yes

[realms]
DOMEIN.NET = {
    kdc = win2003.domein.net:88
    admin_server = win2003.domein.net:749
    default_domain = DOMEIN.NET
}

[domain_realm]
.domein.net = DOMEIN.NET
domein.net = DOMEIN.NET

[appdefaults]
pam = {
    debug = false
    ticket_lifetime = 36000
    renew_lifetime = 36000
    forwardable = true
    krb4_convert = false
    try_first_pass = true
}

And your hosts file should look like that:

127.0.0.1 localhost
127.0.1.1 ubuntus2.domein.net ubuntus2
192.168.1.2 win2003.domein.net win2003

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

This should help. Report the result, please.
Hello, I made the necessary changes, but I still have the same result:
Quote:
Do I need to make several changes to Windows 2003 Server as well?

UPDATE ** I tried this now and get the following:

net rpc getsid -S DOMEIN.NET -I 192.168.1.2 -U Administrator%P@ssword

Quote:
Only problem is, I don't know to where..
Quote:
[global]
idmap gid = 10000-20000
idmap uid = 10000-20000
password server = 192.168.1.2
workgroup = DOMEIN
realm = DOMEIN.NET
encrypt passwords = yes
winbind enum groups = yes
winbind enum users = yes
winbind use default domain = yes
security = ADS
debuglevel = 2
wins support = no
# Winbind settings
# For testing
# A shared folder for testing purposes

[SharedFolder]
path = /home/onno2/Shared_Folder
available = yes
public = yes
writable = yes
force create mode = 0666
force directory mode = 0777

Then try "net ads join -U Administrator" (without quotes, of course =) )
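A consistency check over the three files exchanged in this thread (smb.conf, krb5.conf, /etc/hosts), added here as an example and not written by any poster. The function names, finding texts and sample inputs are assumptions constructed for illustration; it also flags a share that is both guest-accessible and writable, like the test share above.

```python
import re
# Constructed inputs modeled on the thread's files; default_realm is deliberately lower-cased.
SMB = """[global]
realm = DOMEIN.NET
security = ADS
[SharedFolder]
public = yes
writable = yes
"""
KRB5 = """[libdefaults]
default_realm = domein.net
[realms]
DOMEIN.NET = {
  kdc = win2003.domein.net:88
}
"""
HOSTS = "127.0.0.1 localhost\n192.168.1.2 win2003.domein.net win2003\n"

def parse_smb(text):
    """smb.conf text -> {section: {parameter: value}} with lower-cased names."""
    conf, sec = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            sec = conf.setdefault(line[1:-1].strip().lower(), {})
        elif sec is not None and "=" in line and line[0] not in "#;":
            key, val = line.split("=", 1)
            sec[" ".join(key.lower().split())] = val.strip()
    return conf

def audit(smb_text, krb5_text, hosts_text):
    """Return a list of findings; an empty list means the files agree."""
    smb, out = parse_smb(smb_text), []
    g = smb.get("global", {})
    m = re.search(r"^\s*default_realm\s*=\s*(\S+)", krb5_text, re.M)
    if g.get("security", "").lower() != "ads":
        out.append("smb.conf: security is not ADS")
    if not m or g.get("realm", "").upper() != m.group(1):  # Kerberos realms are case-sensitive
        out.append("realm in smb.conf does not match default_realm in krb5.conf")
    names = {n.lower() for l in hosts_text.splitlines() for n in l.split("#")[0].split()[1:]}
    realms = re.search(r"^\[realms\](.*?)(?=^\[|\Z)", krb5_text, re.S | re.M)
    for kdc in re.findall(r"\bkdc\s*=\s*([^\s:]+)", realms.group(1) if realms else ""):
        if kdc.lower() not in names:  # the [logging] kdc = FILE:... line is not in [realms]
            out.append(f"no hosts entry for KDC {kdc}")
    for name, share in smb.items():
        on = lambda *keys: any(share.get(k, "no").lower() == "yes" for k in keys)
        if name != "global" and on("public", "guest ok") and on("writable", "writeable"):
            out.append(f"[{name}] allows guest access and is writable")
    return out

if __name__ == "__main__":
    print("\n".join(audit(SMB, KRB5, HOSTS)))
```

Run against the real files by passing the contents of /etc/samba/smb.conf, /etc/krb5.conf and /etc/hosts to audit().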
I think you fixed it now !
Quote:
Well I am joined now, do I still require likewise-open? Because without it, I cannot log on to Ubuntu with an ADS username..
Quote:
Here's a good Samba + AD HOWTO Enjoy!
Hello, I have another question..
How can I install my Ubuntu as a secondary domain controller? Do I need LDAP for this? And how can I do this? Thank you!
Googling can save you a lot of time ;)
http://www.samba.org/samba/docs/man/...samba-bdc.html Enjoy ;)
According to the above link given:
Quote:
Quote:
However it seems it does not fix my problem. Samba is more different than LDAP I guess? Thanks anyways... I am still looking for an answer.. It is frustrating
Quote:
Yes it is. Samba is typically used to share files and folders with windows. Or for windows networking. Please go through this link to know what is LDAP.
Quote:
I want my Active Directory users to be able to log on to the Ubuntu server. Also I want to share folders with my Ubuntu machine to the desired Active Directory users. It seems I need LDAP for this. Before I can use LDAP, I needed to make my Ubuntu machine a member server first, which it is now. I tried to google for this, also a reason why my post took such a long time. But I couldn't find any useful information. There is information, but it is all outdated... I hope any one of you can help me with this problem. I really need LDAP fixing. Thank you!