samba server joining Active directory server 2008 error
i try to join samba server to active director server 2008 r2.i set every thing in server server smb configuration and kerberos configuration done
/etc/samba/smb.conf/ [global] # define the netbios name of the domain workgroup = CAMPUS # define the pptp server netbios name netbios name = server # define the AD domain name realm = campus.local # server description server string = pptpd Server # printer stuff printcap name = /etc/printcap load printers = no cups options = raw # log file stuff log file = /var/log/samba/%m.log max log size = 50 # must set to ads security = ads # address of domain controller password server = x.x.x.x # enable encrypt passwords encrypt passwords = yes # default setting socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 # not to be a master browser domain master = no preferred master = no # address of the WINS server wins server = x.x.x.x dns proxy = no require this line to join the domain client use spnego = yes # winbind stuff idmap uid = 50001-550000 idmap gid = 50001-550000 ;winbind separator = + winbind nested groups = Yes winbind enum users=yes winbind enum groups=yes template shell = /bin/false winbind use default domain = yes nt pipe support = no #smb ports=139 /etc/krb5.conf [logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log [libdefaults] default_realm = campus.local dns_lookup_realm = true dns_lookup_kdc = true ticket_lifetime = 24h forwardable = yes [realms] campus.local = { kdc = campus.local:88 admin_server = campus.local:749 default_domain = campus.local } [domain_realm] .campus.local = campus.local campus.local = campus.local [kdc] profile = /var/kerberos/krb5kdc/kdc.conf [appdefaults] pam = { debug = false ticket_lifetime = 36000 renew_lifetime = 36000 forwardable = true krb4_convert = false } when i try to joing following output shown net ads join -U Administrator@campus.local -d 5 libnet_JoinCtx: struct libnet_JoinCtx in: struct libnet_JoinCtx dc_name : NULL machine_name : 'SERVER' domain_name : * domain_name : 'campus.local' account_ou : NULL admin_account : 'Administrator@campus.local' machine_password : NULL join_flags : 0x00000023 (35) 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT 0: WKSSVC_JOIN_FLAGS_DEFER_SPN 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE os_version : NULL os_name : NULL create_upn : 0x00 (0) upn : NULL modify_config : 0x00 (0) ads : NULL debug : 0x01 (1) use_kerberos : 0x00 (0) secure_channel_type : SEC_CHAN_WKSTA (2) interpret_string_addr_internal: getaddrinfo failed for name campus.local [Name or service not known] resolve_lmhosts: Attempting lmhosts lookup for name campus.local<0x1c> resolve_lmhosts: Attempting lmhosts lookup for name campus.local<0x1c> resolve_wins: Attempting wins lookup for name campus.local<0x1c> resolve_wins: using WINS server 10.3.20.70 and tag '*' name_resolve_bcast: Attempting broadcast lookup for name campus.local<0x1c> libnet_Join: libnet_JoinCtx: struct libnet_JoinCtx out: struct libnet_JoinCtx account_name : NULL netbios_domain_name : NULL dns_domain_name : NULL forest_name : NULL dn : NULL domain_sid : NULL domain_sid : (NULL SID) modified_config : 0x00 (0) error_string : 'failed to find DC for domain campus.local' domain_is_ad : 0x00 (0) result : WERR_DCNOTFOUND libnet_Join: libnet_JoinCtx: struct libnet_JoinCtx in: struct libnet_JoinCtx dc_name : NULL machine_name : 'SERVER' domain_name : * domain_name : 'CAMPUS' account_ou : NULL admin_account : 'Administrator@campus.local' machine_password : NULL join_flags : 0x00000023 (35) 0: WKSSVC_JOIN_FLAGS_IGNORE_UNSUPPORTED_FLAGS 0: WKSSVC_JOIN_FLAGS_JOIN_WITH_NEW_NAME 0: WKSSVC_JOIN_FLAGS_JOIN_DC_ACCOUNT 0: WKSSVC_JOIN_FLAGS_DEFER_SPN 0: WKSSVC_JOIN_FLAGS_MACHINE_PWD_PASSED 0: WKSSVC_JOIN_FLAGS_JOIN_UNSECURE 1: WKSSVC_JOIN_FLAGS_DOMAIN_JOIN_IF_JOINED 0: WKSSVC_JOIN_FLAGS_WIN9X_UPGRADE 0: WKSSVC_JOIN_FLAGS_ACCOUNT_DELETE 1: WKSSVC_JOIN_FLAGS_ACCOUNT_CREATE 1: WKSSVC_JOIN_FLAGS_JOIN_TYPE os_version : NULL os_name : NULL create_upn : 0x00 (0) upn : NULL modify_config : 0x00 (0) ads : NULL debug : 0x01 (1) use_kerberos : 0x00 (0) secure_channel_type : SEC_CHAN_WKSTA (2) ads_dns_lookup_srv: Failed to resolve _ldap._tcp.Default-First-Site-Name._sites.dc._msdcs.CAMPUS (Success) ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL) ads_dns_lookup_srv: Failed to resolve _ldap._tcp.dc._msdcs.CAMPUS (Success) ads_dns_lookup_srv: Failed to send DNS query (NT_STATUS_UNSUCCESSFUL) resolve_lmhosts: Attempting lmhosts lookup for name CAMPUS<0x1c> resolve_lmhosts: Attempting lmhosts lookup for name CAMPUS<0x1c> resolve_wins: Attempting wins lookup for name CAMPUS<0x1c> resolve_wins: using WINS server x.x.x.x and tag '*' name_resolve_bcast: Attempting broadcast lookup for name CAMPUS<0x1c> libnet_Join: libnet_JoinCtx: struct libnet_JoinCtx out: struct libnet_JoinCtx account_name : NULL netbios_domain_name : NULL dns_domain_name : NULL forest_name : NULL dn : NULL domain_sid : NULL domain_sid : (NULL SID) modified_config : 0x00 (0) error_string : 'failed to find DC for domain CAMPUS' domain_is_ad : 0x00 (0) result : WERR_DCNOTFOUND Failed to join domain: failed to find DC for domain CAMPUS return code = -1 Please help to sort out this problem |
It looks like you aren't able to resolve campus.local. Is your resolv.conf setup to use your domain controllers as name servers? Not related, but I recommend setting server signing = mandatory in your global section of smb.conf. Without it, you can be susceptible to pass the hash attacks. Also try setting server role to member server.
|
Thanks for your reply yes my resolv.conf use dns of domain controller
|
All times are GMT -5. The time now is 01:20 AM. |